Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb phpbb vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-3880
Open redirect vulnerability in phpBB prior to 3.0.14 and 3.1.x prior to 3.1.4 allows remote malicious users to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Phpbb Phpbb
Phpbb Phpbb 3.1.4
Phpbb Phpbb 3.1.3
Phpbb Phpbb 3.1.2
Phpbb Phpbb 3.1.1
Phpbb Phpbb 3.1.0
NA
CVE-2006-0437
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check fo...
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.18
NA
CVE-2004-1535
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote malicious users to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb Rc1
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb Rc4
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb Rc3
Phpbb Group Phpbb Rc2
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb Rc1 Pre
1 EDB exploit
NA
CVE-2005-1290
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
NA
CVE-2005-0258
Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote malicious users to delete (unlink) arbitrary files via "/../" sequences in the avatarselect ...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
NA
CVE-2005-0603
viewtopic.php in phpBB 2.0.12 and previous versions allows remote malicious users to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
1 Github repository
NA
CVE-2005-0259
phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the tar...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
NA
CVE-2004-2350
SQL injection vulnerability in search.php for phpBB 1.0 up to and including 2.0.6 allows remote malicious users to execute arbitrary SQL and gain privileges via the search_results parameter.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 1.2.0
Phpbb Group Phpbb 1.4.0
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
1 EDB exploit
NA
CVE-2003-1215
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and previous versions allows group moderators to perform unauthorized activities via the sql_in parameter.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 1.2.0
Phpbb Group Phpbb 1.4.0
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
NA
CVE-2003-1216
SQL injection vulnerability in search.php for phpBB 2.0.6 and previous versions allows remote malicious users to execute arbitrary SQL and gain privileges via the search_id parameter.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 1.2.0
Phpbb Group Phpbb 1.4.0
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »