CVE-2006-4450
CVE-2006-4450 · MEDIUM Severity
AV:N/AC:H/AU:N/C:P/I:P/A:P
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
Learn more about our Web App Pen Testing.