Intrusion PreventionphpBB.Viewtopic.Highlight.Remote.Code.Execution
Description
It indicates a possible exploit of Remote Code Execution Vulnerability in phpBB bulletin board package.
phpBB is a high powered, fully scalable, and highly customizable
Open Source bulletin board package. A remote code injection vulnerability is reported in it that may allow an attacker to execute arbitrary code on the vulnerable system with web server permission. This is due to application failure to properly sanitize highlight parameter passed to preg_replace() function in viewtopic.php. An attacker may exploit this by sending specially crafted URI to victims machine to include remote php code and execute it on the vulnerable system.
Affected Products
phpBB 2.0.15 and prior versions.
Impact
Compromise of the affected system.
Recommended Actions
Upgrade to phpBB 2.0.16 or later versions from the following URL:
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-05-19 | 15.846 | Default_action:pass:drop |
| 2019-11-22 | 15.729 | Name:PHPBB. Viewtopic. Highlight. Remote. Code. Execution:phpBB. Viewtopic. Highlight. Remote. Code. Execution |
References
1| ID | 10181 |
| Created | Jul 03, 2005 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2005-2086 |
| Exploit Prediction Score | 15.24% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, Solaris, MacOS |
| Affected App | PHP_app |