Reem Hack

**Name of the Vulnerable Software and Affected Versions** Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in several files, including `mkb.php`, `iplogger.php`, `admin board2.php`, and `admin logger.php` in the `includes/` directory. This is due to multiple PHP remote file inclusion vulnerabilities. **Recommendations** For Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB, consider restricting access to the `phpbb root path` parameter in the affected files until a patch is available. As a temporary workaround, avoid using the `phpbb root path` parameter in the affected API endpoints, such as those in `mkb.php`, `iplogger.php`, `admin board2.php`, and `admin logger.php`, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.