• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHPBB Session.PHP Autologin User_Level Privilege Escalation Vulnerability

phpBB is reported prone to a privilege escalation vulnerability. The issue is reported to exist when an autologin fails.

A remote attacker may potentially exploit this vulnerability to gain access to parts of the affected website that should only be visible to a website administrator.

Information harvested through exploitation of this vulnerability may be employed to aid in further attacks against the affected site.

This vulnerability is reported to affect phpBB versions up to up to 2.0.13.