VYPR
Unrated severityNVD Advisory· Published Aug 30, 2006· Updated Jun 16, 2026

CVE-2006-4450

CVE-2006-4450

Description

usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PhpBB/phpBB2 versions
    cpe:2.3:a:phpbb_group:phpbb:2.0.20:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpbb_group:phpbb:2.0.20:*:*:*:*:*:*:*
    • (no CPE)range: =2.0.20

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.