Vulnerabilities

CVE-2005-0259

by Fred · 22/02/2005

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file.

Date published : 2005-02-22

http://www.kb.cert.org/vuls/id/774686

http://www.phpbb.com/support/documents.php?mode=changelog

Similar

Tags: Cybersecurity Alert