phpBB cross-site request forgery vulnerability (CNVD-2020-03224)

phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. A cross-site request forgery vulnerability exists in phpBB. An attacker can use this vulnerability to modify the group avatar...

phpBB cross-site request forgery vulnerability (CNVD-2020-03226)

phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. A cross-site request forgery vulnerability exists in phpBB. An attacker can exploit this vulnerability to approve the identity of...

Cross-Site Request Forgery (CSRF)

phpbb/phpbb is vulnerable to cross-site request forgery CSRF. The vulnerability exists as an invalid token can be used for submitting new avatars in ucp/ucpgroups.php...

Cross-Site Request Forgery (CSRF)

phpBB/phpbb is vulnerable to cross-site request forgery CSRF. A remote attacker is able to approve pending group memberships on behalf of the administrator. The vulnerability exists as the application does not validate and verify the authenticity of requests...

CVE-2020-5501

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar...

CVE-2020-5502

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

CVE-2020-5501

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar...

CVE-2020-5502

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

Cross site request forgery (csrf)

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

Cross site request forgery (csrf)

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar...

CVE-2020-5502

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

CVE-2020-5502

The CVE-2020-5502 entry concerns phpBB 3.2.8, where a cross-site request forgery (CSRF) vulnerability could approve pending group memberships. The connected documents corroborate the same issue across multiple feeds (Red Hat, OSV, GHSA, CNVD, NVD, and other vulnerability trackers) without providi...

CVE-2020-5501

CVE-2020-5501 affects phpBB 3.2.8, where a cross-site request forgery (CSRF) vulnerability allows an attacker to modify a group avatar. The description and corroborating records (Red Hat, OSV, GHSA entries, CNVD, and CVE listings) consistently identify the impact as avatar modification via CSRF. ...

CVE-2020-5501

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar...

PT-2020-18482 · Phpbb Limited · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB version 3.2.8 Description: The issue allows for a CSRF attack, which can be used to modify a group avatar. Recommendations: For phpBB version 3.2.8, update to a newer version that contains a fix for this issue...

PT-2020-18483 · Phpbb Limited · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB version 3.2.8 Description: The issue allows for a CSRF attack, enabling the approval of pending group memberships without proper authorization. Recommendations: For phpBB version 3.2.8, update to a newer version that contains a fix for...

phpBB < 3.2.9 Multiple Vulnerabilities

phpBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpbb:phpbb"; ifdescription...

CVE-2011-0544

phpbb 3.0.x-3.0.6 has an XSS vulnerability via the flash BB tag...

CVE-2011-0544

phpbb 3.0.x-3.0.6 has an XSS vulnerability via the flash BB tag...

Design/Logic Flaw

phpbb 3.0.x-3.0.6 has an XSS vulnerability via the flash BB tag...