Lucene search
MitreCVELIST:CVE-2015-1432HistoryFeb 10, 2015 - 5:00 p.m.
CVE-2015-1432
2015-02-1017:00:00
mitre
www.cve.org
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.
References
seclists.org/oss-sec/2015/q1/373
www.securityfocus.com/bid/72399
exchange.xforce.ibmcloud.com/vulnerabilities/100671
github.com/phpbb/phpbb/commit/23069a13e203985ab124d1139e8de74b12778449
github.com/phpbb/phpbb/pull/3311
security.gentoo.org/glsa/201701-25
tracker.phpbb.com/browse/PHPBB3-13526
wiki.phpbb.com/Release_Highlights/3.0.13
Related
nvd
nvd
CVE-2015-1432
2015-02-10 17:59:01
prion
prion
Cross site request forgery (csrf)
2015-02-10 17:59:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2017-07-30 19:44:33
ubuntucve
ubuntucve
CVE-2015-1432
2015-02-10 00:00:00
cve
cve
CVE-2015-1432
2015-02-10 17:59:01
gentoo
gentoo
phpBB: Multiple vulnerabilities
2017-01-11 00:00:00
nessus
nessus
GLSA-201701-25 : phpBB: Multiple vulnerabilities
2017-01-12 00:00:00