CVE-2006-7168

Description

PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Affected products

• phpBB / phpBB

References

• MISChttp://www.securityfocus.com/archive/1/448630/100/0/threaded
• MISChttp://www.securityfocus.com/bid/20516
• MISChttp://securityreason.com/securityalert/2450
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/29595