iDEFENSE Security Advisory 02.22.05 - Remote exploitation of an input validation vulnerability in the phpBB Group's phpBB2 bulletin board system allows attackers to unlink (delete) arbitrary system files under the privileges of the web server.
8a6f19eb9ba57da2748ca989db18c6ee62630c633912223b282be4427a4d42ef
iDEFENSE Security Advisory 02.22.05 - Remote exploitation of an input validation vulnerability in the phpBB Group's phpBB2 bulletin board system allows attackers to read the contents of arbitrary system files under the privileges of the webserver.
4ab9593103bf1ea38ef611234e57df93b7e8b9dd08dd4db923e59f22431edc8c
The phpbb_clean_username function in phpBB has an improper order of execution allowing path and SQL table disclosure.
a215577b17a268ad3849e2a705244e52a0184db08a9f805716fa54c6e0d2d79e