Vulnerability Details CVE-2010-1627
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2010/05/16/1
- http://www.openwall.com/lists/oss-security/2010/05/18/6
- http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
- http://www.openwall.com/lists/oss-security/2010/05/16/1
- http://www.openwall.com/lists/oss-security/2010/05/18/6
- http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195