Vulnerability Description
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpbb | Phpbb | 3.0.7 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2010/05/16/1
- http://www.openwall.com/lists/oss-security/2010/05/18/6
- http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195PatchVendor Advisory
- http://www.openwall.com/lists/oss-security/2010/05/16/1
- http://www.openwall.com/lists/oss-security/2010/05/18/6
- http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195PatchVendor Advisory
FAQ
What is CVE-2010-1627?
CVE-2010-1627 is a vulnerability with a CVSS score of 4.3 (MEDIUM). feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to p...
How severe is CVE-2010-1627?
CVE-2010-1627 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1627?
Check the references section above for vendor advisories and patch information. Affected products include: Phpbb Phpbb.