CVE-2006-2828

Name of the Vulnerable Software and Affected Versions PHP-Nuke (affected versions not specified)

Description The issue allows remote attackers to conduct remote PHP file inclusion attacks. This is achieved by modifying the phpbb root path parameter in various admin scripts, including "index.php", "admin ug auth.php", "admin board.php", "admin disallow.php", "admin forumauth.php", "admin groups.php", "admin ranks.php", "admin styles.php", "admin user ban.php", "admin words.php", "admin avatar.php", "admin db utilities.php", "admin forum prune.php", "admin forums.php", "admin mass email.php", "admin smilies.php", and "admin users.php". The vulnerability occurs when the import request variables function overwrites the $phpbb root path variable after it has been initialized to a static value.

Recommendations As a temporary workaround, consider restricting access to the admin scripts until a patch is available. Avoid using the modified phpbb root path parameter in the affected admin scripts. Restrict the execution of the import request variables function to prevent the overwrite of the $phpbb root path variable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.