Intrusion Prevention



It indicates a possible exploit of a file inclusion vulnerability in Nivisec Admin Topic Action Logging module that may allow remote attackers to execute arbitrary PHP code via a URL in parameter phpbb_root_path.

Affected Products

phpBB phpBB 2.0.21
phpBB phpBB 2.0.20
phpBB phpBB 2.0.18
Nivisec Admin Topic Action Logging 0.95
Minerva Minerva 2.0.21
Minerva Minerva 2.0.19
Minerva Minerva 2.0.8


Compromise of affected system

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References