CVE-2006-5390 Phpbb — Exploit & Vulnerability Details NONE

Parameter	Value
Type	CWE-94 (Code Injection)
Vendor	Phpbb
Public PoC	Yes

PHP remote file inclusion vulnerability in includes/functions_mod_user.php in the ACP User Registration (MMW) 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Weakness Type (CWE)

CWE-94 Code Injection

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Phpbb Acp_User_Registration_Module cpe:2.3:a:phpbb:acp_user_registration_module:1.00:::::::*	—	—

References 6

http://secunia.com/advisories/22436

cve@mitre.org

http://www.osvdb.org/29734

cve@mitre.org

http://www.phpbb.com/phpBB/viewtopic.php?p=2504370#2504370

cve@mitre.org

http://www.securityfocus.com/bid/20558

cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/29571

cve@mitre.org

https://www.exploit-db.com/exploits/2551

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2025-70811

Phpbb

4.3

CVE-2025-70810

Phpbb

8.8

CVE-2019-25685

Phpbb

8.7

CVE-2006-5418

Phpbb

None

CVE-2006-5309

Phpbb

None

Menu

CVE-2006-5390

Weakness Type (CWE)

Vulnerable Products 1

References 6

Related Vulnerabilities

CVE-2025-70811

CVE-2025-70810

CVE-2019-25685

CVE-2006-5418

CVE-2006-5309

CVE Details

Editor's Choice

Menu

CVE-2006-5390

Weakness Type (CWE)

Vulnerable Products 1

References 6

Related Vulnerabilities

CVE-2025-70811

CVE-2025-70810

CVE-2019-25685

CVE-2006-5418

CVE-2006-5309

CVE Details

Editor's Choice

Stay informed on cybersecurity