Phpbb Group: >> Phpbb >> 2.0.8a Security Vulnerabilities
PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.017
Published
2004-04-19
phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-04-19
Page 4