2 matches found
CVE-2006-0438
Cross-site request forgery CSRF vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode IMG are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to 1 admin/adminusers.php and 2...
CVE-2006-0438
CVE-2006-0438 is a CSRF vulnerability in phpBB 2.0.19 where enabling Link to off-site Avatar or bbcode (IMG) allows an attacker to perform actions as a logged-in user via a link or image in a profile (e.g., admin/admin_users.php, modcp.php). The NVD entry lists a CVSSv2 base score of 5.0 (Medium)...