phpBB Viewtopic.PHP PHP Script Injection Vulnerability
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following example is available:
http://www.example.com/forums/viewtopic.php?t=[NUMBER HERE]&highlight=Bug,SELECT * FROM $table
The following exploits are also available: