CVE-2010-1627 Information

Description

feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.

Reference

http://www.openwall.com/lists/oss-security/2010/05/16/1 http://www.openwall.com/lists/oss-security/2010/05/18/6 http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195