Description

feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.

Remediation

References

CVE-2010-1627

Related Vulnerabilities

WordPress Plugin Feed Them Gallery Cross-Site Scripting (1.1.8)

PHP Incorrect Calculation of Buffer Size Vulnerability (CVE-2025-1861)

MySQL CVE-2024-21137 Vulnerability (CVE-2024-21137)

WordPress Plugin NextGEN Gallery-WordPress Gallery Security Bypass (3.1.6)

Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-44224)

Severity

Medium

Classification

CVE-2010-1627 CWE-264

Tags

Missing Update Known Vulnerabilities