Vulnerability CVE-2005-4358


Published: 2005-12-19   Modified: 2012-02-12

Description:
admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message.

See advisories in our WLB2 database:
Topic
Author
Date
Low
phpBB 2.0.18 XSS and Full Path Disclosure
Maksymilian Arci...
17.12.2005

Type:

CWE-Other

Vendor: Phpbb group
Product: Phpbb 
Version: 2.0.18;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://marc.info/?l=full-disclosure&m=113484567432679&w=2
http://securityreason.com/achievement_securityalert/29
http://securityreason.com/securityalert/269
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=352966
http://www.securityfocus.com/archive/1/420537/100/0/threaded
http://www.vupen.com/english/advisories/2005/2991
http://www.vupen.com/english/advisories/2006/0010

Related CVE
CVE-2007-1695
** DISPUTED ** PHP remote file inclusion vulnerability in includes/usercp_register.php in phpBB 2.0.19 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue has been disputed by third-par...
CVE-2006-7077
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to execute arbitrary SQl commands via the entry parameter.
CVE-2006-7076
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.
CVE-2006-6841
Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
CVE-2006-6839
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
CVE-2006-6840
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
CVE-2006-6508
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to send unauthorized messages as an arbitrary user via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtain...
CVE-2006-6421
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.

Copyright 2019, cxsecurity.com

 

Back to Top