2 matches found
CVE-2008-4125
The search function in phpBB 2.x provides a searchid value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632...
CVE-2008-4125
The CVE-2008-4125 entry fixes a PHP/phpBB 2.x issue where the search_id value leaks PHP’s PRNG state, enabling remote disclosure of potentially sensitive information. The vulnerability is demonstrated via a cross-application attack against WordPress; no explicit exploit details or remediation are...