Vulnerability Details CVE-2006-6841
Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980
- http://secunia.com/advisories/28871
- http://www.debian.org/security/2008/dsa-1488
- http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624
- http://www.securityfocus.com/bid/21806
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980
- http://secunia.com/advisories/28871
- http://www.debian.org/security/2008/dsa-1488
- http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624
- http://www.securityfocus.com/bid/21806
Products affected by CVE-2006-6841
-
cpe:2.3:a:phpbb_group:phpbb:1.2.4_rc3
-
cpe:2.3:a:phpbb_group:phpbb:2.0.18
-
cpe:2.3:a:phpbb_group:phpbb:2.0.20
-
cpe:2.3:a:phpbb_group:phpbb:2.0.21