Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-0438

Опубликовано: 06 фев. 2006
Источник: ubuntu
Приоритет: negligible
CVSS2: 5

Описание

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

edgy

ignored

end of life, was needed
feisty

ignored

end of life, was needed
gutsy

ignored

end of life, was needed
hardy

not-affected

2.0.22-3
intrepid

not-affected

2.0.23+repack-4
jaunty

DNE

karmic

DNE

upstream

released

2.0.20

Показывать по

Ссылки на источники

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2006-0438

nvd
около 20 лет назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

debian логотип

CVE-2006-0438

debian
около 20 лет назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when ...

github логотип

GHSA-9gcp-v627-wxgc

github
почти 4 года назад

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.

5 Medium

CVSS2