Описание
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.0.18-2 |
| devel | released | 2.0.18-2 |
| edgy | released | 2.0.18-2 |
| feisty | released | 2.0.18-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
phpBB 2.0.17 and earlier, when the register_long_arrays directive is d ...
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
EPSS
7.5 High
CVSS2