Description

Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpBB 2.0.22 allows remote attackers to delete private messages (PM) as arbitrary users via a deleteall action.

Remediation

References

CVE-2008-0471

Related Vulnerabilities

WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0)

Joomla! Core Security Bypass (2.5.0 - 3.9.19)

MySQL CVE-2017-3459 Vulnerability (CVE-2017-3459)

MySQL CVE-2020-14656 Vulnerability (CVE-2020-14656)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9466)

Severity

Medium

Classification

CVE-2008-0471 CWE-352

Tags

Missing Update Known Vulnerabilities