Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group phpbb 2.0.13 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0673
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote malicious users to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages...
Phpbb Group Phpbb 2.0.13
NA
CVE-2005-1290
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
NA
CVE-2006-0437
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check fo...
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
NA
CVE-2005-1115
Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote malicious users to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Smartor Photo Album 2.0.53
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
NA
CVE-2005-1114
Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote malicious users to execute arbitrary SQL commands via the (1) mode or (2) search parameters.
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.9
Smartor Photo Album 2.0.53
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
NA
CVE-2005-1047
Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
NA
CVE-2005-1193
The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB prior to 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote malicious users to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) ...
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
1 EDB exploit
NA
CVE-2005-3415
phpBB 2.0.17 and previous versions allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but n...
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
NA
CVE-2005-3416
phpBB 2.0.17 and previous versions, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote malicious users to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arr...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.12
NA
CVE-2005-3417
phpBB 2.0.17 and previous versions, when the register_long_arrays directive is disabled, allows remote malicious users to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »