Описание
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
Ссылки
- ExploitVendor Advisory
- Patch
- ExploitPatch
- ExploitVendor Advisory
- Patch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01164
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
debian
больше 21 года назад
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and ...
github
больше 3 лет назад
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
EPSS
Процентиль: 78%
0.01164
Низкий
7.5 High
CVSS2
Дефекты
CWE-89