Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-1432

Опубликовано: 10 фев. 2015
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:phpbb:phpbb:*:*:*:*:*:*:*:*
Версия до 3.0.12 (включая)

EPSS

Процентиль: 66%
0.00508
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

ubuntu логотип

CVE-2015-1432

ubuntu
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

debian логотип

CVE-2015-1432

debian
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in php ...

github логотип

GHSA-m45m-xf2m-pmfw

github
больше 3 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

EPSS

Процентиль: 66%
0.00508
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352