Back to search
CVE-2006-1896
Published: Apr 20, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the original report does not clarify whether this issue is static code injection, eval injection, or another type of vulnerability.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060414 phpBB Admin command execution
mailing-list
x_refsource_BUGTRAQ
DSA-1066
vendor-advisory
x_refsource_DEBIAN
phpbb-admin-code-execution(25889)
vdb-entry
x_refsource_XF
20060418 Re: phpBB Admin command execution
mailing-list
x_refsource_BUGTRAQ
715
third-party-advisory
x_refsource_SREASON
762
third-party-advisory
x_refsource_SREASON
20093
third-party-advisory
x_refsource_SECUNIA
20197
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now