Description
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server Other Vulnerability (CVE-2000-1086)
Ampache Improper Access Control Vulnerability (CVE-2021-21399)
Apache 2.x version older than 2.0.63
MySQL CVE-2013-0368 Vulnerability (CVE-2013-0368)
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (6.0.11)