Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group phpbb 2.0.18 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
890
VMScore
CVE-2006-6840
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
890
VMScore
CVE-2006-6841
Certain forms in phpBB prior to 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
445
VMScore
CVE-2005-4358
admin/admin_disallow.php in phpBB 2.0.18 allows remote malicious users to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message.
Phpbb Group Phpbb 2.0.18
231
VMScore
CVE-2005-4357
Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote malicious users to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover.
Phpbb Group Phpbb 2.0.18
445
VMScore
CVE-2005-3799
phpBB 2.0.18 allows remote malicious users to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
Phpbb Group Phpbb 2.0.18
383
VMScore
CVE-2006-0437
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check fo...
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.18
755
VMScore
CVE-2006-2865
PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $pa...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
1 EDB exploit
445
VMScore
CVE-2006-0450
phpBB 2.0.19 and previous versions allows remote malicious users to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
1 Github repository
445
VMScore
CVE-2006-0438
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote malicious users to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1)...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »