PT-2010-3293 · Phpbb · Phpbb
Naderman
+1
·
Published
2010-05-19
·
Updated
2010-05-20
·
CVE-2010-1627
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
phpBB version 3.0.7
Description
The issue allows remote attackers to bypass intended access restrictions. This is due to improper permission checking for feeds in the feed.php file. The attack vectors are related to permission settings on a private forum.
Recommendations
For phpBB version 3.0.7, update to version 3.0.7-PL1 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpbb