34 matches found
CVE-2019-11767
Server side request forgery SSRF in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function...
EUVD-2005-0260
Malware in sbrugna...
EUVD-2022-2825
Malicious code in bioql PyPI...
EUVD-2022-3403
Malicious code in bioql PyPI...
EUVD-2022-2389
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-13376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking...
CVE-2017-1000419
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application...
CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
GHSA-6MH2-98GR-WV76 phpBB Cross-Site Request Forgery (CSRF)
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
phpBB Cross-Site Request Forgery (CSRF)
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
GHSA-4HX9-P925-QCV7 phpBB Server side request forgery (SSRF)
Server side request forgery SSRF in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function...
GHSA-9JM4-RG99-566C phpBB Server-Side Request Forgery (SSRF)
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application...
phpBB Server-Side Request Forgery (SSRF)
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application...
CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
Cross site request forgery (csrf)
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
UBUNTU-CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
CVE-2019-13376
CVE-2019-13376 affects phpBB version 3.2.7. The vulnerability arises from CSRF in the Remote Avatar feature, enabling token hijacking that can steal an Administration Control Panel session ID and leads to stored XSS. The connected documents corroborate the affected component and the root cause (C...
CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...
CVE-2019-11767
Server side request forgery SSRF in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function...