CVE-2006-5435

Name of the Vulnerable Software and Affected Versions phpBB versions 2.0.10 and earlier

Description A remote file inclusion issue allows attackers to execute arbitrary PHP code. This is achieved by providing a URL in the phpbb root path parameter.

Recommendations For versions 2.0.10 and earlier, consider restricting access to the groupcp.php file until a fix is available. As a temporary workaround, ensure that the $phpbb root path variable is properly defined and validated before use to prevent exploitation.