VID 21400
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The phpBB installation, according to its version number, has multiple input validation vulnerabilities in the login form. phpBB is an open-source bulletin board software package that uses a MySQL, MS-SQL, PostgreSQL or Access/ODBC database. phpBB versions 2.0.10 and earlier are affected by multiple input validation vulnerabilities in the login form, as follows:

The first issue is a cross-site scripting issue in the login form. Apparently the 'username' field is not properly sanitized before it is included in dynamic content. This would facilitate cross-site scripting attacks.
The second issue affects the same 'username' field of the login form. Apparently this field is used in an SQL query without proper sanitization. This would facilitate SQL injection attacks.

An attacker may leverage these issues to execute arbitrary client-side script code in the browser of an unsuspecting user and to inject arbitrary SQL syntax into SQL queries. This may lead to theft of cookie-based authentication credentials, theft of sensitive information or corruption of data, as well as other attacks.
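
Both issues concern one field reaching two different sinks, and each sink needs its own handling. The following is an added example, not phpBB code and not part of the original entry: it binds the username as a query parameter and HTML-encodes it when the form is rendered. The `users` table, its columns, the `login.php` action, the function names and the sample input are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not phpBB code: table, column and function names are hypothetical.

// SQL sink: the username travels as a bound parameter, never as query text.
function find_user(PDO $db, string $username): ?array
{
    $stmt = $db->prepare('SELECT user_id, username FROM users WHERE username = :name');
    $stmt->execute([':name' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// HTML sink: encode at output time, for both element text and a quoted attribute.
function render_login_form(string $username, bool $failed): string
{
    $safe = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $msg  = $failed ? "<p class=\"error\">Login failed for {$safe}</p>\n" : '';
    return $msg
        . "<form method=\"post\" action=\"login.php\">\n"
        . "  <input type=\"text\" name=\"username\" value=\"{$safe}\">\n"
        . "  <input type=\"password\" name=\"password\">\n"
        . "</form>\n";
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT UNIQUE)');
$db->exec("INSERT INTO users (username) VALUES ('alice')");

// Constructed input containing both SQL and HTML metacharacters.
$submitted = "O'Brien\"><b>x</b>";

// The bound value is compared as one literal string; the quote cannot end the SQL literal.
$user = find_user($db, $submitted);
var_dump($user);

// The same value is echoed back only after encoding for the HTML context.
echo render_login_form($submitted, $user === null);
```

Encoding is applied where the value is written into HTML rather than when it is received, so the stored or compared value stays unmodified and each sink gets the treatment its context requires.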

* Note: This check relies solely on the version of the remote phpBB installation on the web server to assess this vulnerability, so the result may be a false positive.

* Platforms Affected:
phpBB Group, phpBB 2.0.9 and earlier
Any operating system Any version
Recommendation Upgrade to the latest version of phpBB (2.0.10 or later), available from the phpBB Web site at http://www.phpbb.com/index.php
Related URL (CVE)
Related URL 11716 (SecurityFocus)
Related URL (ISS)