CVE-2006-5312

Name of the Vulnerable Software and Affected Versions Ajax Shoutbox module for phpBB versions 0.0.5 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter. This is a result of a PHP remote file inclusion vulnerability in the shoutbox.php file.

Recommendations For Ajax Shoutbox module for phpBB versions 0.0.5 and earlier, consider disabling the shoutbox.php file until a patch is available to prevent remote file inclusion attacks. Restrict access to the phpbb root path parameter to minimize the risk of exploitation.