| VID |
21564 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
phpBB version 2.0.14 or earlier is detected as installed on the host. phpBB is an open-source bulletin board software package that uses a MySQL, MS-SQL, PostgreSQL or Access/ODBC database. phpBB2 versions 2.0.14 and earlier are vulnerable to multiple input validation vulnerabilities, which can be exploited by remote attackers to conduct cross-site scripting and SQL injection attacks.
1) User-supplied input passed to the 'forumname' or 'forumdesc' parameters of the 'admin/admin_forums.php' script isn't properly sanitized before being returned to users. This could be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.
2) User-supplied input passed to the 'u' parameter of the 'profile.php' script or the 'highlight' parameter of the 'viewtopic.php' script isn't properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
* References: http://archives.neohapsis.com/archives/bugtraq/2005-04/0383.html
* Platforms Affected: phpBB Group, phpBB versions prior to 2.0.15; any operating system, any version |
| Recommendation |
Upgrade to the latest version of phpBB (2.0.15 or later), available from the phpBB Web site at http://www.phpbb.com/downloads.php |
| Related URL |
CVE-2005-1290 (CVE) |
| Related URL |
13344,13345 (SecurityFocus) |
| Related URL |
20248 (ISS) |
|