CVE-2005-0259

2005-03-14T00:00:00
ID CVE-2005-0259
Type cve
Reporter NVD
Modified 2008-09-10T15:35:13

Description

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file.