Vulnerability Details : CVE-2008-6506
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors.
Products affected by CVE-2008-6506
- cpe:2.3:a:phpbb:phpbb:*:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc7:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc8:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.0:rc6:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-6506
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-6506
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2008-6506
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-6506
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/47370
-
http://www.securityfocus.com/bid/32842
-
http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303
phpBB • Support
-
http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565
phpBB • phpBB 3.0.4 releasedVendor Advisory
-
http://www.openwall.com/lists/oss-security/2009/02/06/2
oss-security - CVE request: phpbb < 3.0.4
Jump to