CVE-2006-5390 Information

Description

PHP remote file inclusion vulnerability in includes/functions_mod_user.php in the ACP User Registration (MMW) 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Reference

http://secunia.com/advisories/22436 http://www.osvdb.org/29734 http://www.phpbb.com/phpBB/viewtopic.php?p=25043702504370 http://www.securityfocus.com/bid/20558 https://exchange.xforce.ibmcloud.com/vulnerabilities/29571 https://www.exploit-db.com/exploits/2551