PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mxbb | mxbb_portal | 2.8 |
| php_arena | pafiledb | 2.0.1 |
| php_arena | pafiledb | 1.1.3 |
| mxbb | mxbb_portal | 2.7 |