Nivisec.Admin.Topic.Action.Logging.Remote.File.Inclusion

description-logoDescription

It indicates a possible exploit of a file inclusion vulnerability in Nivisec Admin Topic Action Logging module that may allow remote attackers to execute arbitrary PHP code via a URL in parameter phpbb_root_path.

affected-products-logoAffected Products

phpBB phpBB 2.0.21
phpBB phpBB 2.0.20
phpBB phpBB 2.0.18
Nivisec Admin Topic Action Logging 0.95
Minerva Minerva 2.0.21
Minerva Minerva 2.0.19
Minerva Minerva 2.0.8

Impact logoImpact

Compromise of affected system

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-26 13.458