phpBB.Tweaked.PHPBB.Root.Path.Remote.File.Inclusion
Description
This indicates a possible attack against a remote File Include vulnerability in Phpbb Tweaked.
The vulnerability may allow a remote attacker to include and execute an arbitrary file on the web server with the privileges of the server via a specially-crafted URL request to the 'includes/functions.php' script, by using the 'phpbb_root_path' parameter to specify a malicious PHP file from a remote system.
Affected Products
Phpbb Tweaked version 3 and prior.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://sourceforge.net/projects/phpbbtweaked/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-22 | 15.729 | Name:Phpbb. Tweaked. PHPBB. Root. Path. Remote. File. Inclusion:phpBB. Tweaked. PHPBB. Root. Path. Remote. File. Inclusion |