CVE-2005-0259

2005-03-14T05:00:00
ID CVE-2005-0259
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:35:00

Description

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file.