CVE-2006-5209

Published: Oct 10, 2006Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Affected (31)

Products: Phpbb Group: Phpbb

Phpbb Group

1 product

Phpbb

Configuration A

31 vulnerable

Vulnerable Software	Affected Versions
Phpbb Group Phpbb	Version 2.0.10
Phpbb Group Phpbb	Version 2.0.11
Phpbb Group Phpbb	Version 2.0.12
Phpbb Group Phpbb	Version 2.0.13
Phpbb Group Phpbb	Version 2.0.14
Phpbb Group Phpbb	Version 2.0.15
Phpbb Group Phpbb	Version 2.0.16
Phpbb Group Phpbb	Version 2.0.17
Phpbb Group Phpbb	Version 2.0.18
Phpbb Group Phpbb	Version 2.0.19
Phpbb Group Phpbb	Version 2.0.1
Phpbb Group Phpbb	Version 2.0.20
Phpbb Group Phpbb	Version 2.0.21
Phpbb Group Phpbb	Version 2.0.2
Phpbb Group Phpbb	Version 2.0.3
Phpbb Group Phpbb	Version 2.0.4
Phpbb Group Phpbb	Version 2.0.5
Phpbb Group Phpbb	Version 2.0.6
Phpbb Group Phpbb	Version 2.0.6c
Phpbb Group Phpbb	Version 2.0.6d
Phpbb Group Phpbb	Version 2.0.7
Phpbb Group Phpbb	Version 2.0.7a
Phpbb Group Phpbb	Version 2.0.8
Phpbb Group Phpbb	Version 2.0.8a
Phpbb Group Phpbb	Version 2.0.9
Phpbb Group Phpbb	Version 2.0
Phpbb Group Phpbb	Version 2.0_beta1
Phpbb Group Phpbb	Version 2.0_rc1
Phpbb Group Phpbb	Version 2.0_rc2
Phpbb Group Phpbb	Version 2.0_rc3
Phpbb Group Phpbb	Version 2.0_rc4

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/29345

Source: cve@mitre.org

https://www.exploit-db.com/exploits/2475/

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/29345

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/2475/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.