PHPBB.Authentication.Bypass

description-logoDescription

A vulnerability has been reported in phpBB, which can be exploited by malicious attackers to bypass certain security restrictions. The vulnerability is caused by an error in the comparison of "sessiondata['autologinid']" and "auto_login_key". This can be exploited to gain administrative privileges on phpBB.

affected-products-logoAffected Products

Version 2.0.12 and prior.

Impact logoImpact

Gain administrator privileges.

recomended-action-logoRecommended Actions

Update to version 2.0.13.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)