Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-5501
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.
Phpbb Phpbb 3.2.8
4.3
CVSSv2
CVE-2020-5502
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships.
Phpbb Phpbb 3.2.8
4.3
CVSSv2
CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e...
Claroline Claroline 1.8.10
4 EDB exploits
4.3
CVSSv2
CVE-2008-3260
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the cwd parameter in a rqMkHtml action to document/rqmkhtml.php, or the query string to (2) announcements/announcements.php...
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Claroline Claroline 1.8.5
Claroline Claroline 1.8.6
Claroline Claroline 1.2
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.7
Claroline Claroline 1.8.0
Claroline Claroline 1.8.7
Claroline Claroline 1.8.8
Claroline Claroline 1.3
Claroline Claroline 1.4
Claroline Claroline 1.7
Claroline Claroline 1.7.1
Claroline Claroline 1.8.1
Claroline Claroline 1.8.2
Claroline Claroline
Claroline Claroline 1.5
Claroline Claroline 1.5.3
12 EDB exploits
10
CVSSv2
CVE-2007-1695
PHP remote file inclusion vulnerability in includes/usercp_register.php in phpBB 2.0.19 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue has been disputed by third-party researchers, stating that the file che...
Phpbb Group Phpbb 2.0.19
4.3
CVSSv2
CVE-2006-7076
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote malicious users to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.
Phpbb Group Phpbb Advanced Guestbook 2.4.0
6.8
CVSSv2
CVE-2006-7077
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote malicious users to execute arbitrary SQl commands via the entry parameter.
Phpbb Group Phpbb Advanced Guestbook 2.4.0
5
CVSSv2
CVE-2006-2219
phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote malicious users to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to vi...
Phpbb Group Phpbb 2.0.20
10
CVSSv2
CVE-2006-6841
Certain forms in phpBB prior to 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.20
10
CVSSv2
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254
CVE-2024-32515
CVE-2024-21338
validation
CVE-2024-32522
dos
CVE-2024-2101
CVE-2024-21107
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »