Phpbb · Phpbb Plus · CVE-2007-5009
**Name of the Vulnerable Software and Affected Versions**
phpBB Plus versions 1.53 through 1.53a before 20070922
**Description**
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the language/lang german/lang main album.php file.
**Recommendations**
For phpBB Plus versions 1.53 through 1.53a before 20070922, update to a version released after 20070922 to resolve the issue.