Summary
This host is running phpBB and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow attacker to bypass intended access restrictions via unspecified attack vectors.
Impact Level: Application
Solution
Upgrade phpBB to 3.0.7-PL1 or later,
For updates refer to http://www.phpbb.com/downloads/
Insight
The flaw is due to error in 'feed.php', which does not properly check permissions for feeds.
Affected
phpBB version 3.0.7 before 3.0.7-PL1
References
Severity
Classification
-
CVE CVE-2010-1627 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Apache Open For Business HTML injection vulnerability
- AdaptCMS 'init.php' Remote File Include Vulnerability