CVE-2025-70810 Phpbb — Exploit & Vulnerability Details HIGH

CVE-2025-70810

HIGH CVSS 3.1: 8.8 EPSS 0.05%

Parameter	Value
CVSS	8.8 (HIGH)
Type	CWE-352 (Cross-Site Request Forgery (CSRF))
Vendor	Phpbb
Public PoC	No

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-352 Cross-Site Request Forgery (CSRF)

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Phpbb Phpbb cpe:2.3:a:phpbb:phpbb:3.3.15:-::::::	—	—

References 3

https://gist.github.com/ariefibis/80e306765c23d6fac1584dbb76822e30

cve@mitre.org

https://github.com/ariefibis

cve@mitre.org

https://www.linkedin.com/in/mohammed-a-6a2548112/

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2025-70811

Phpbb

4.3

CVE-2019-25685

Phpbb

8.7

CVE-2006-5418

Phpbb

None

CVE-2006-5390

Phpbb

None

CVE-2006-5309

Phpbb

None

Menu

CVE-2025-70810

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2025-70811

CVE-2019-25685

CVE-2006-5418

CVE-2006-5390

CVE-2006-5309

CVE Details

Editor's Choice

Menu

CVE-2025-70810

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2025-70811

CVE-2019-25685

CVE-2006-5418

CVE-2006-5390

CVE-2006-5309

CVE Details

Editor's Choice

Stay informed on cybersecurity