Remote Access Vulnerability in phpBB Forum Software
CVE-2010-1627

Currently unrated

Key Information:

Vendor: PHPbb
Status: PHPbb
Vendor: CVE Published:; 19 May 2010

What is CVE-2010-1627?

The feed.php file in phpBB versions 3.0.7 and earlier lacks proper permission checks for feeds, enabling unauthorized remote attackers to exploit this flaw and circumvent intended access controls on private forums. This vulnerability may lead to unauthorized access to sensitive information or functionality, emphasizing the need for prompt updates to secure forum environments.

References

http://www.openwall.com/lists/oss-security/2010/05/18/6

mailing-listx_refsource_MLIST

http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2010/05/16/1

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 19, 2010

CVE-2010-1627 Data

JSON

PHPbb

What is CVE-2010-1627?

References

Timeline