Detections
Analytics
phpBB <= 2.0.14 Multiple Vulnerabilities
medium Nessus Plugin ID 18124
Language:
Synopsis
The remote web server contains a PHP application that is affected by multiple vulnerabilities.Description
According to its banner, the remote host is running a version of phpBB that suffers from multiple flaws:- A BBCode Input Validation Vulnerability The application fails to properly filter for the BBCode URL in the 'includes/bbcode.php' script. With a specially crafted URL, an attacker could cause arbitrary script code to be executed in a user's browser, possibly even to modify registry entries without the user's knowledge.
- Cross-Site Scripting Vulnerabilities The application does not properly sanitize user-supplied input to the 'forumname' and 'forumdesc' parameters of the 'admin/admin_forums.php' script. By enticing a phpBB administrator to visit a specially crafted link, an attacker can potentially steal the admin's session cookie or perform other attacks.
- Improper Filtering of HTML Code The application does not completely filter user-supplied input to the 'u' parameter of the 'profile.php' script or the 'highlight' parameter of the 'viewtopic.php' script.
Solution
Upgrade to phpBB version 2.0.15 or later.See Also
Plugin Details
Severity: Medium
ID: 18124
File Name: phpbb_2_0_14.nasl
Version: 1.27
Type: remote
Family: CGI abuses
Published: 4/25/2005
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.4
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/a:phpbb_group:phpbb
Required KB Items: www/phpBB
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Vulnerability Publication Date: 4/23/2005
Reference Information
CVE: CVE-2005-1193, CVE-2005-1290