CVE-2008-4125

Name of the Vulnerable Software and Affected Versions phpBB versions 2.x

Description The search function in phpBB leaks the state of PHP's PRNG through the search id value, allowing remote attackers to obtain potentially sensitive information. This can be exploited in a cross-application attack, as demonstrated against WordPress.

Recommendations For phpBB version 2.x, consider disabling the search function until a patch is available to prevent potential information leakage. Restrict access to sensitive information and monitor for any suspicious activity that could indicate exploitation of this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.