phpBB Avatar_Path PHP Code Execution Vulnerability

info
discussion
exploit
solution
references

phpBB Avatar_Path PHP Code Execution Vulnerability

The phpBB application is prone to an arbitrary PHP code-execution vulnerability.

If successful, attackers can execute script code with the privileges of the webserver process.