Description

Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.

Remediation

References

CVE-2019-11767

Related Vulnerabilities

Oracle Database Server CVE-2015-0371 Vulnerability (CVE-2015-0371)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9547)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0175)

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.11)

Severity

Medium

Classification

CVE-2019-11767 CWE-918 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities