Intrusion Prevention

Nivisec.Admin.Topic.Action.Logging.Remote.File.Inclusion

Description

It indicates a possible exploit of a file inclusion vulnerability in Nivisec Admin Topic Action Logging module that may allow remote attackers to execute arbitrary PHP code via a URL in parameter phpbb_root_path.

Affected Products

phpBB phpBB 2.0.21
phpBB phpBB 2.0.20
phpBB phpBB 2.0.18
Nivisec Admin Topic Action Logging 0.95
Minerva Minerva 2.0.21
Minerva Minerva 2.0.19
Minerva Minerva 2.0.8

Impact

Compromise of affected system

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-5077