Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201701-25
HistoryJan 11, 2017 - 12:00 a.m.

phpBB: Multiple vulnerabilities

2017-01-1100:00:00
Gentoo Foundation
security.gentoo.org
39

0.003 Low

EPSS

Percentile

71.2%

JSON

Background

phpBB is an Open Source bulletin board package.

Description

Multiple vulnerabilities have been discovered in phpBB. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker may be able to change settings, inject arbitrary web script or HTML, or conduct cross-site request forgery (CSRF) attacks.

Workaround

There is no known workaround at this time.

Resolution

Gentoo Security support has been discontinued due to phpBB being dropped to unstable. As such, we recommend that users unmerge phpBB:

 # emerge --unmerge "www-apps/phpBB"

NOTE: Users could alternatively upgrade to “>=www-apps/phpBB-3.1.10”, however, these packages are not currently marked stable.

OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-apps/phpbb< 3.1.10UNKNOWN

Related

nessus 1
veracode 2
prion 2
cve 2
ubuntucve 2
cvelist 2
nessus
nessus
GLSA-201701-25 : phpBB: Multiple vulnerabilities
2017-01-12 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2017-07-28 08:33:32
Cross-site Request Forgery (CSRF)
2017-07-30 19:44:33
prion
prion
Cross site scripting
2015-02-10 17:59:00
Cross site request forgery (csrf)
2015-02-10 17:59:00
cve
cve
CVE-2015-1431
2015-02-10 17:59:00
CVE-2015-1432
2015-02-10 17:59:01
ubuntucve
ubuntucve
CVE-2015-1431
2015-02-10 00:00:00
CVE-2015-1432
2015-02-10 00:00:00
cvelist
cvelist
CVE-2015-1431
2015-02-10 17:00:00
CVE-2015-1432
2015-02-10 17:00:00

0.003 Low

EPSS

Percentile

71.2%

JSON
Related for GLSA-201701-25
nessus1veracode2prion2cve2ubuntucve2cvelist2