CVE-2006-2150
PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows remote attackers to include arbitrary files via the returnpath parameter.
Date published : 2006-05-03
http://www.securityfocus.com/archive/1/432453/100/0/threaded