Vulnerabilities > CVE-2002-1707 - Remote File Include vulnerability in PHPBB2 Install.PHP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |