First published: Thu Sep 18 2008(Updated: )
The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Phpbb Phpbb | =2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.