UBUNTU-CVE-2020-8226

A vulnerability exists in phpBB v3.2.10 and v3.3.1 which allowed remote image dimensions check to be used to SSRF...

Server side request forgery (ssrf)

A vulnerability exists in phpBB v3.2.10 and v3.3.1 which allowed remote image dimensions check to be used to SSRF...

CVE-2020-8226

A vulnerability exists in phpBB v3.2.10 and v3.3.1 which allowed remote image dimensions check to be used to SSRF...

CVE-2020-8226

CVE-2020-8226 affects phpBB via a Server-Side Request Forgery (SSRF) vulnerability in the remote image dimensions check. Affected versions are phpBB < v3.2.10 and

PT-2020-20038 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions prior to 3.2.10 phpBB versions prior to 3.3.1 Description: A vulnerability exists that allows the remote image dimensions check to be used for Server-Side Request Forgery SSRF. Recommendations: For versions prior to 3.2.10,...

phpBB < 3.2.10, 3.3.0 Multiple Vulnerabilities

phpBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpbb:phpbb"; ifdescription...

Vulnerability which allows remote image dimensions check to be used to SSRF

More info at https://www.phpbb.com/community/viewtopic.php?f=14&t=2562636...

Vulnerability which allows remote image dimensions check to be used to SSRF

More info at https://www.phpbb.com/community/viewtopic.php?f=14&t=2562636...

CVE-2019-16108

phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets CSS token sequence to a page through BBCode...

CVE-2019-16108

phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets CSS token sequence to a page through BBCode...

Code injection

phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets CSS token sequence to a page through BBCode...

phpBB Injection Vulnerability

phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. phpBB 3.2.7 version of an injection vulnerability , the vulnerability stems from the program fails to validate the BBCode paramete...

CVE-2019-16108

phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets CSS token sequence to a page through BBCode...

CVE-2019-16108

Summary (CVE-2019-16108): phpBB 3.2.7 is vulnerable to CSS injection via BBCode that can inject an arbitrary CSS token sequence into a page. The root cause is insecure handling/validation of BBCode parameters, enabling an attacker to alter page styling. The vulnerability affects phpBB 3.2.7; no e...

phpBB Cross-Site Request Forgery Vulnerability (CNVD-2020-19555)

phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. A cross-site request forgery vulnerability exists in phpBB 3.2.7, which can be exploited by attackers to delete post attachments...

CVE-2019-16107

Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments...

CVE-2019-16107

Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments...

Cross site request forgery (csrf)

Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments...

CVE-2019-16107

phpBB 3.2.7 is vulnerable to Cross-Site Request Forgery (CSRF) due to missing form token validation when deleting post attachments. This CVE-2019-16107 is corroborated by Red Hat, OSV, GHSA, CNVD/NVD, and CVE listings. The available sources describe the issue and affected behavior but do not prov...

CVE-2019-16107

Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments...