Описание
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.0.18-2 |
| devel | released | 2.0.18-2 |
| edgy | released | 2.0.18-2 |
| feisty | released | 2.0.18-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify ...
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
7.5 High
CVSS2