Summary
According to its version number, the remote version of phpbb is prone to an authentication-bypass vulnerability because it fails to properly enforce privilege requirements on some operations.
Attackers can exploit this vulnerability to gain unauthorized access to the affected application, which may aid in further attacks.
Versions prior to phpBB 3.0.4 are vulnerable.
Solution
Updates are available
please see http://www.phpbb.com/.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-6506 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
- Apache Solr Directory Traversal Vulnerability Jan-14
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- Apache Struts2/XWork Remote Command Execution Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14