CVE-2005-3420
Summary
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published