2 matches found
CVE-2013-5724
CVE-2013-5724 affects phpBB3 up to version 3.0.11-4 used in Debian GNU/Linux. The issue arises from world-writable permissions on cache files, enabling local users to modify file contents through standard filesystem writes. The vulnerability is localized to systems running the affected phpBB3 pac...
Debian DSA-2752-1 : phpbb3 - permissions too wide
Andreas Beckmann discovered that phpBB, a web forum, as installed in Debian, sets incorrect permissions for cached files, allowing a malicious local user to overwrite them. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...