Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14249
HistorySep 13, 2006 - 12:00 a.m.

AzzCoder => phpBB XS 0.58 Remote File Include

2006-09-1300:00:00
vulners.com
20

A important vulnerability into functions.php will allow a malicious user to insert a remote file.

The Vulnerable Code:

include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx );

(The phpbb_root_path isn't initialize and PHPBB_IN isn't checked)