Unrated severityNVD Advisory· Published Oct 28, 2010· Updated Apr 29, 2026
CVE-2010-3713
CVE-2010-3713
Description
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed.
Affected products
32cpe:2.3:a:usebb:usebb:*:*:*:*:*:*:*:*+ 31 more
- cpe:2.3:a:usebb:usebb:*:*:*:*:*:*:*:*range: <=1.0.10
- cpe:2.3:a:usebb:usebb:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.2.3:a:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.5.1:a:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.6:a:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.7:beta1:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:0.7:beta2:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:usebb:usebb:1.0:rc3:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.