Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0533
phpBB 1.4.4 and previous versions with BBcode allows remote malicious users to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 1.4.0
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 1.2.0
NA
CVE-2002-0475
Cross-site scripting vulnerability in phpBB 1.4.4 and previous versions allows remote malicious users to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message.
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 1.2.0
Phpbb Group Phpbb 1.4.0
NA
CVE-2002-2346
phpBB 2.0 up to and including 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote malicious users to obtain client IP addresses.
Phpbb Phpbb 2.0
Phpbb Phpbb 2.0.2
Phpbb Phpbb 2.0.1
Phpbb Phpbb 2.0.3
NA
CVE-2008-6507
Unspecified vulnerability in phpBB prior to 3.0.4 allows malicious users to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum.
Phpbb Phpbb 3.0.1
Phpbb Phpbb 3.0.3
Phpbb Phpbb 3.0.2
Phpbb Phpbb 3.0.0
NA
CVE-2002-0902
Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote malicious users to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the...
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc4
1 EDB exploit
NA
CVE-2002-1707
install.php in phpBB 2.0 up to and including 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote malicious users to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
NA
CVE-2008-1766
Multiple unspecified vulnerabilities in phpBB prior to 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."
Phpbb Phpbb 3.0.0
Phpbb Phpbb 3.0.0rc
Phpbb Phpbb
NA
CVE-2008-3224
Unspecified vulnerability in phpBB prior to 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."
Phpbb Phpbb 3.0
Phpbb Phpbb 3.0.0
Phpbb Phpbb
NA
CVE-2003-1373
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 up to and including 1.4.4 allows remote malicious users to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in pr...
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 1.4.0
NA
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and previous versions allows remote malicious users to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »