Sensitive Information Exposure in phpBB by phpBB Group
CVE-2008-6507

Currently unrated

Key Information:

Vendor: PHPbb
Status: PHPbb
Vendor: CVE Published:; 23 March 2009

What is CVE-2008-6507?

A vulnerability exists in versions of phpBB prior to 3.0.4 that permits unauthorized access to sensitive information. Attackers exploiting this flaw may retrieve sensitive content through private messages that reference posts in password-protected forums, notably due to the absence of required password prompts. This exposes users to potential data breaches, as the lack of proper authentication mechanisms within private messaging allows unauthorized users to access confidential discussions.

References

http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565

x_refsource_CONFIRM

http://secunia.com/advisories/33166

third-party-advisoryx_refsource_SECUNIA

http://www.phpbb.com/support/documents.php?mode=changelog...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 23, 2009

CVE-2008-6507 Data

JSON

PHPbb

What is CVE-2008-6507?

References

Timeline