Phpbb Group » Phpbb » 2.0.8 : Security Vulnerabilities, CVEs, Published In 2005 (Directory traversal)
Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote attackers to delete (unlink) arbitrary files via "/../" sequences in the avatarselect parameter.
Max CVSS
5.0
EPSS Score
0.95%
Published
2005-03-14
Updated
2008-09-10
1 vulnerabilities found