CVE-2006-4758Group Phpbb vulnerability

2 documents2 sources
Severity
4.6MEDIUMNVD
EPSS
2.8%
top 13.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpbb Group Phpbb
Timeline
PublishedSep 13
Latest updateMay 1

Description

phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDphpbb_group/phpbb2.0.21

🔴Vulnerability Details

1
GHSA
GHSA-97xh-65pc-g79h: phpBB 22022-05-01