3 matches found
Debian DSA-1488-1 : phpbb2 - several vulnerabilities
Several remote vulnerabilities have been discovered in phpBB, a web-based bulletin board. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0471 Private messaging allowed cross site request forgery, making it possible to delete all private messages of...
[SECURITY] [DSA 1488-1] New phpbb2 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1488-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 09, 2008 http://www.debian.org/security/faq -...
CVE-2008-0471
CVE-2008-0471 concerns phpBB 2.0.22 where a CSRF flaw in privmsg.php enables an attacker to delete a user’s private messages via a crafted request (deleteall). Public sources confirm the vulnerability in phpBB2 and note remediation through Debian updates (DSA-1488-1) and corresponding fixes in si...