Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpBB Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2007-5173 - Vulnerability Database
phpBB

phpBB Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2007-5173

Medium
Reference: CVE-2007-5173
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-5173
Title: phpBB Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openid_root_path parameter.