Remote File and Service Enumeration through SSRF in phpBB

Remote File and Service Enumeration through SSRF in phpBB

CVE-2019-11767 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.

Learn more about our Network Penetration Testing.