Unrated severityNVD Advisory· Published Aug 30, 2006· Updated Jun 16, 2026
CVE-2006-4450
CVE-2006-4450
Description
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.