Primehalo

Name of the Vulnerable Software and Affected Versions: phpBB 3 Prime Quick Style addon versions prior to 1.2.3 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This is achieved by exploiting the `prime quick style` parameter to the "/ucp.php" API endpoint. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/ucp.php` endpoint or disabling the `prime quick style` parameter until a patch is available.