CVE-2007-1839

Name of the Vulnerable Software and Affected Versions: CodeBB versions 1.1b3 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter to specific PHP files, including (1) pass code.php and (2) lang select.php.

Recommendations: For CodeBB versions 1.1b3 and earlier, as a temporary workaround, consider restricting access to the pass code.php and lang select.php files until a patch is available. Avoid using the phpbb root path parameter in these files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.