CVE-2006-5223

PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Date published : 2006-10-10

http://www.securityfocus.com/bid/20385

http://www.securityfocus.com/archive/1/447932/100/0/threaded