Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-0438

Опубликовано: 06 фев. 2006
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 5

Описание

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

edgy

ignored

end of life, was needed
feisty

ignored

end of life, was needed
gutsy

ignored

end of life, was needed
hardy

not-affected

2.0.22-3
intrepid

not-affected

2.0.23+repack-4
jaunty

DNE

karmic

DNE

upstream

released

2.0.20

Показывать по

Ссылки на источники

EPSS

Процентиль: 71%
0.00745
Низкий

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2006-0438

nvd
почти 20 лет назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

debian логотип

CVE-2006-0438

debian
почти 20 лет назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when ...

github логотип

GHSA-9gcp-v627-wxgc

github
больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

EPSS

Процентиль: 71%
0.00745
Низкий

5 Medium

CVSS2