PHPBB.Authentication.Bypass
Description
A vulnerability has been reported in phpBB, which can be exploited by malicious attackers to bypass certain security restrictions. The vulnerability is caused by an error in the comparison of "sessiondata['autologinid']" and "auto_login_key". This can be exploited to gain administrative privileges on phpBB.
Affected Products
Version 2.0.12 and prior.
Impact
Gain administrator privileges.
Recommended Actions
Update to version 2.0.13.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |