vendor:
phpBB++
by:
xoron
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: phpBB++
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
phpBB++ (phpbb_root_path) Remote File Include Exploit
This exploit takes advantage of a remote file inclusion vulnerability in phpBB++. By exploiting this vulnerability, an attacker can include arbitrary files from a remote server, leading to remote code execution.
Mitigation:
The vendor should release a patch to fix the remote file inclusion vulnerability. Users are advised to update to the latest version of phpBB++ to mitigate this vulnerability.