CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2346

phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://online.securityfocus.com/archive/1/294560
http://www.iss.net/security_center/static/10323.php
http://www.securityfocus.com/bid/5923
http://online.securityfocus.com/archive/1/294560
http://www.iss.net/security_center/static/10323.php
http://www.securityfocus.com/bid/5923

Products affected by CVE-2002-2346

Phpbb » Phpbb » Version: 2.0

cpe:2.3:a:phpbb:phpbb:2.0
Phpbb » Phpbb » Version: 2.0.1

cpe:2.3:a:phpbb:phpbb:2.0.1
Phpbb » Phpbb » Version: 2.0.2

cpe:2.3:a:phpbb:phpbb:2.0.2
Phpbb » Phpbb » Version: 2.0.3

cpe:2.3:a:phpbb:phpbb:2.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2346

Products

Pricing

Contact Us