CVE-2019-11767
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-11767
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11767.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-11767
- Aliases
- Related
- Published
- 2019-05-05T06:29:00Z
- Modified
- 2024-09-03T02:23:30.466764Z
- Severity
-
- 5.8 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.
- References
Affected packages
Git / github.com/phpbb/phpbb
Affected ranges
- Type
- GIT
- Repo
- https://github.com/phpbb/phpbb
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
release-3.*
release-3.0-B1
release-3.0-B2
release-3.0-B3
release-3.0-B4
release-3.0-B5
release-3.0-RC1
release-3.0-RC2
release-3.0-RC3
release-3.0-RC4
release-3.0-RC5
release-3.0-RC6
release-3.0-RC7
release-3.0-RC8
release-3.0.0
release-3.0.1
release-3.0.1-RC1
release-3.0.10
release-3.0.10-RC1
release-3.0.10-RC2
release-3.0.10-RC3
release-3.0.11-RC1
release-3.0.11-RC2
release-3.0.12-RC1
release-3.0.12-RC2
release-3.0.12-RC3
release-3.0.13-PL1
release-3.0.13-RC1
release-3.0.14
release-3.0.14-RC1
release-3.0.2
release-3.0.2-RC1
release-3.0.2-RC2
release-3.0.3
release-3.0.3-RC1
release-3.0.4
release-3.0.4-RC1
release-3.0.5
release-3.0.5-RC1
release-3.0.6
release-3.0.6-RC1
release-3.0.6-RC2
release-3.0.6-RC3
release-3.0.6-RC4
release-3.0.7
release-3.0.7-PL1
release-3.0.7-RC1
release-3.0.7-RC2
release-3.0.8
release-3.0.8-RC1
release-3.0.9
release-3.0.9-RC1
release-3.0.9-RC2
release-3.0.9-RC3
release-3.0.9-RC4
release-3.1.0
release-3.1.0-RC1
release-3.1.0-RC2
release-3.1.0-RC3
release-3.1.0-RC4
release-3.1.0-RC5
release-3.1.0-RC6
release-3.1.0-a1
release-3.1.0-a2
release-3.1.0-a3
release-3.1.0-b1
release-3.1.0-b2
release-3.1.0-b3
release-3.1.0-b4
release-3.1.1
release-3.1.10
release-3.1.10-RC1
release-3.1.11
release-3.1.11-RC1
release-3.1.12
release-3.1.2
release-3.1.2-RC1
release-3.1.3
release-3.1.3-RC1
release-3.1.3-RC2
release-3.1.4
release-3.1.4-RC1
release-3.1.4-RC2
release-3.1.5
release-3.1.5-RC1
release-3.1.6
release-3.1.6-RC1
release-3.1.7
release-3.1.7-RC1
release-3.1.7-pl1
release-3.1.8
release-3.1.8-RC1
release-3.1.9
release-3.1.9-RC1
release-3.2.0
release-3.2.0-RC1
release-3.2.0-RC2
release-3.2.0-a1
release-3.2.0-b2
release-3.2.1
release-3.2.1-RC1
release-3.2.2
release-3.2.2-RC1
release-3.2.3
release-3.2.3-RC1
release-3.2.3-RC2
release-3.2.4
release-3.2.4-RC1
release-3.2.5
release-3.2.5-RC1
release-3.2.6-RC1