Описание
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:phpbb:phpbb:2.0:*:*:*:*:*:*:*
cpe:2.3:a:phpbb:phpbb:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phpbb:phpbb:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:phpbb:phpbb:2.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
CWE-200