CVE-2006-3028

Name of the Vulnerable Software and Affected Versions Minerva versions 2.0.8a Build 237 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter. This can be exploited by providing a malicious URL, potentially leading to code execution.

Recommendations For Minerva versions 2.0.8a Build 237 and earlier, consider restricting access to the module.php file in the stat modules/users age directory until a patch is available. Avoid using the phpbb root path parameter with untrusted input to minimize the risk of exploitation.