HIGH | CVE-2026-48613 | CNA: hackerone

CVE-2026-48613: SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries

SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries. Only applies to phpBB forums that had been updated from versions prior to phpBB 3.3.8 and have not been updated to 3.3.11 or newer yet.

Metrics

  • CVSS v3.0: 7.1
  • Severity: HIGH
  • Fixed in: (no version listed)
  • Affected Products: 1


HarborGuard Analysis

Synopsis

SQL injection vulnerability in phpBB allows an authenticated attacker to execute arbitrary SQL queries against the forum database during a profile field migration operation. The vulnerability is reachable over the network but requires a low-privilege account, victim interaction, and favorable environmental conditions to exploit. Successful exploitation reads sensitive data from the database, modifies stored records, and degrades service availability. No fix version has been published yet; HarborGuard tracks the advisory and will make a patched-image rebuild available the moment an upstream fix is released.

HarborGuard Coverage

Detection

Detection capability is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built phpBB images. Any image running phpBB at or below version 3.3.16 in an affected migration state is flagged automatically.

Status: Available

Triage

HarborGuard is capable of scoring this CVE at 7.1 HIGH using the published CVSS v3.0 vector and weighting that score against each environment's configured compliance policy. Triage findings are routed to the appropriate team inbox within each customer organization based on policy-defined severity thresholds and asset ownership rules.

Status: Available

Patch

Because no upstream fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment phpBB ships a remediated release. In the interim, compensating controls such as network-policy isolation for the phpBB service and egress filtering on database connections are surfaced as recommended actions within the triage workflow.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The vulnerable phpBB endpoint is exposed over the network, so an attacker must be able to reach it via HTTP/HTTPS from a remote host.

  • Authentication: Required

    A low-privilege forum account is sufficient; no administrative credentials are needed, but some authenticated session must exist.

  • Victim interaction: Required

    A legitimate user or administrator must take an action (such as triggering or being present during a profile field migration) for the exploit to execute.

  • Attack complexity: Detail

    Attack complexity is rated High, meaning the attacker depends on specific environmental conditions such as an active migration state from a pre-3.3.8 phpBB install, making reliable exploitation conditional on that setup being present.

Blast Radius

  • Reads stored database contents including user credentials, session tokens, private messages, and email addresses.
  • Modifies persisted database rows including user profile fields, permissions, and forum configuration records.
  • Degrades service availability for the forum by corrupting data structures or issuing resource-intensive queries.
  • Exploitation is constrained to forums that were previously upgraded from a version older than 3.3.8 and have not yet reached 3.3.11 or newer, limiting the exposed population to that specific migration window.

How HarborGuard Handles This

Available on HarborGuard: detection for this CVE is active across all connected environments, matching images against the affected phpBB version range automatically. Because no upstream patch exists as of the CVE publication date, HarborGuard monitors the advisory on every ingest cycle and will generate a patched-image rebuild and, for customers with auto-remediation enabled, open a PR against affected workloads as soon as phpBB publishes a fix. While waiting for that fix, HarborGuard surfaces compensating-control recommendations including network-policy isolation to restrict access to the phpBB service, database egress filtering to limit lateral query exposure, and feature-flag or maintenance-mode gating of the profile field migration path where operationally feasible. Where compliance policy permits, auto-remediation customers will receive a rebuilt image, a regression-test run, and a PR against affected workloads with no manual intervention required once the upstream release is available.

Affected packages
  • phpBB / phpBB
    ≤ 3.3.16
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L/CR:H/IR:H/AR:H