CVE-2002-0473

db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.

Date published : 2003-04-02

http://www.securityfocus.com/bid/4380

http://archives.neohapsis.com/archives/bugtraq/2002-03/0221.html