phpBB Avatar Upload HTML Injection Vulnerability

Bugtraq ID: 15170
Class: Input Validation Error
CVE: CVE-2005-3310
Remote: Yes
Local: No
Published: Oct 22 2005 12:00AM
Updated: May 10 2006 10:39PM
Credit: alphakgen@gmail.com is credited with the discovery of this vulnerability.
Vulnerable: phpBB Group phpBB 2.0.17
phpBB Group phpBB 2.0.16
phpBB Group phpBB 2.0.15
phpBB Group phpBB 2.0.14
phpBB Group phpBB 2.0.13
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Not Vulnerable: phpBB Group phpBB 2.0.18


 

Privacy Statement
Copyright 2010, SecurityFocus