CVE-2006-1896

CVE-2006-1896 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the original report does not clarify whether this issue is static code injection, eval injection, or another type of vulnerability.

Learn more about our User Device Pen Test.