CVE-2006-7174 Information

Description

PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this may be the same issue as CVE-2006-5235.

Reference

http://securityreason.com/securityalert/2464 http://www.securityfocus.com/archive/1/452012/100/200/threaded http://www.securityfocus.com/archive/1/452100/100/200/threaded