Remote Code Execution in phpBB 2.0.17 and earlier due to Disabled register_long_arrays Directive
CVE-2005-3417 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
Learn more about our Web Application Penetration Testing UK.