phpBB Viewtopic.PHP PHP Script Injection Vulnerability

The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamically generated web pages.

Exploiting this issue may allow a remote attacker to execute arbitrary commands in the context of the webserver that is hosting the vulnerable software.


Privacy Statement
Copyright 2010, SecurityFocus