CVE-2006-4450 in PHPBB信息

摘要

由 VulDB • 2026-06-24

PHPBB 2.0.20 中的 usercp_avatar.php,在启用头像上传功能时,允许远程攻击者通过向 avatarurl 参数提交一个 URL(该 URL随后被用于发起 HTTP GET 请求),从而将服务器用作 Web 代理。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!