Remote Code Execution via Signature_bbcode_uid Parameter in phpBB 2.0.17

Remote Code Execution via Signature_bbcode_uid Parameter in phpBB 2.0.17

CVE-2005-3420 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.

Learn more about our Web Application Penetration Testing UK.