Test ID:	53986
Category:	CGI abuses
Title:	phpBB Viewtopic.PHP Remote Code Execution
Summary:	phpBB Viewtopic.PHP Remote Code Execution
Description:	The remote system, according to its banner, is running a version of phpBB prior to 2.0.16. These versions are vulnerable to a PHP code injection attack via the 'viewtopic.php' script that allows an attacker to execute arbitrary PHP code. Versions up to and including 2.0.15 are known to be vulnerable. Solution : Upgrade to version 2.0.16 or later. Risk factor : High
Cross-Ref:	BugTraq ID: 14086 Common Vulnerability Exposure (CVE) ID: CVE-2005-2086 Bugtraq: 20050628 Security Advisory - phpBB 2.0.15 PHP-code injection bug (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=111999905917019&w=2
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 24975 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: