CVE-2002-1537 — Group Phpbb vulnerability

2 documents2 sources

Severity

10.0CRITICALNVD

EPSS

0.5%

top 34.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpbb Group Phpbb

Timeline

PublishedMar 31

Latest updateApr 30

Description

admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDphpbb_group/phpbb2.0.0

Patches

Patch: www.iss.net ↗Patch: www.securityfocus.com ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-cgp4-wfr7-8prp: admin_ug_auth↗2022-04-30

▶