Back to CVE Browser

CVE-2006-6839

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0030%

EPSS Percentile18.88th

PublishedDec 31, 2006

Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."

Affected Platforms (CPE)

📦

Phpbb Group

Phpbb

= 1.2.4_rc3

📦

Phpbb Group

Phpbb

= 2.0.18

📦

Phpbb Group

Phpbb

= 2.0.20

📦

Phpbb Group

Phpbb

= 2.0.21

References & Advisories

🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980

🔗 http://secunia.com/advisories/28871

🔗 http://www.debian.org/security/2008/dsa-1488

🔗 http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624

🔗 http://www.securityfocus.com/bid/21806

🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980

🔗 http://secunia.com/advisories/28871

🔗 http://www.debian.org/security/2008/dsa-1488

Related Vulnerabilities

CVE-2002-153710.0

admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with mo...

CVE-2006-684010.0

Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start paramet...

CVE-2002-047310.0

db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the ph...

CVE-2006-684110.0

Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.