Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-5100
Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a prior to 20070922, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) language/lang_german/lang_admin_album...
Phpbb Phpbb Plus 1.53
Phpbb Phpbb Plus
4.3
CVSSv2
CVE-2007-5033
Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 allows remote malicious users to inject arbitrary web script or HTML via the selfdes parameter in a profile_info editprofile action.
Phpbb Xs Phpbb Xs 2
6.8
CVSSv2
CVE-2007-5009
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a prior to 20070922, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb2 Phpbb2 Plus 1.53
Phpbb2 Phpbb2 Plus 1.53a
1 EDB exploit
7.5
CVSSv2
CVE-2007-4984
SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote malicious users to execute arbitrary SQL commands via the s parameter.
Ktauber Stylesdemo 0.9.9
1 EDB exploit
7.5
CVSSv2
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
9.3
CVSSv2
CVE-2007-3935
PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Supanav 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-3697
PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and previous versions allows remote malicious users to execute arbitrary code via a URL in the phpbb_root_path parameter.
Tufat Flashbb
1 EDB exploit
6.8
CVSSv2
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
7.5
CVSSv2
CVE-2007-3136
PHP remote file inclusion vulnerability in inc/nuke_include.php in newsSync 1.5.0rc6 allows remote malicious users to execute arbitrary PHP code via a URL in the newsSync_NUKE_PATH parameter.
Newssync Newssync 1.5.0 Rc6
1 EDB exploit
6.5
CVSSv2
CVE-2007-2858
SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field.
Phpbb Ip-tracking 2.0.1
Phpbb Ip-tracking 2.0.2
Phpbb Ip-tracking 2.0.9
Phpbb Ip-tracking 2.0
Phpbb Ip-tracking 2.0.7
Phpbb Ip-tracking 2.0.8
Phpbb Ip-tracking 2.0.5
Phpbb Ip-tracking 2.0.6
Phpbb Ip-tracking 2.0.3
Phpbb Ip-tracking 2.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »