Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1oM21yLXE5NnItMzd2NM4AASxx
phpBB Remote Code Execution
Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
Permalink: https://github.com/advisories/GHSA-h3mr-q96r-37v4JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oM21yLXE5NnItMzd2NM4AASxx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 2 years ago
Updated: 14 days ago
CVSS Score: 7.2
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-h3mr-q96r-37v4, CVE-2018-19274
References:
- https://nvd.nist.gov/vuln/detail/CVE-2018-19274
- https://lists.debian.org/debian-lts-announce/2018/11/msg00029.html
- https://www.phpbb.com/community/viewtopic.php?f=14&t=2492206
- https://blog.ripstech.com/2018/phpbb3-phar-deserialization-to-remote-code-execution
- https://github.com/advisories/GHSA-h3mr-q96r-37v4
Affected Packages
packagist:phpbb/phpbb
Dependent packages: 23Dependent repositories: 168
Downloads: 19,683 total
Affected Version Ranges: < 3.2.4
Fixed in: 3.2.4
All affected versions: 3.0.12, 3.0.13, 3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0, 3.2.1, 3.2.2, 3.2.3
All unaffected versions: 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.10, 3.2.11, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 3.3.7, 3.3.8, 3.3.9, 3.3.10, 3.3.11