CVE-2008-1766
phpBB 3.0.x before 3.0.1 contains multiple information-disclosure vulnerabilities, linked to two minor security bugs. An attacker with valid credentials could potentially disclose member emails by searching the member list and access other users’ PM attachments by knowing attachment IDs. A patch ...