This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
3a2382adc10594ee42ff1bd0b49855a630ee0af65a53e90bd2f33b29bcbe9542
This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
1bd480a3c38c3cf0cbb3b509893353c357ec5b1bf7fc0df522daa1890d05161f