Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-3799
phpBB 2.0.18 allows remote malicious users to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
Phpbb Group Phpbb 2.0.18
7.5
CVSSv2
CVE-2005-3415
phpBB 2.0.17 and previous versions allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but n...
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
7.5
CVSSv2
CVE-2005-3416
phpBB 2.0.17 and previous versions, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote malicious users to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arr...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.12
7.5
CVSSv2
CVE-2005-3417
phpBB 2.0.17 and previous versions, when the register_long_arrays directive is disabled, allows remote malicious users to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
4.3
CVSSv2
CVE-2005-3418
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat paramete...
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.16
7.5
CVSSv2
CVE-2005-3419
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote malicious users to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized.
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.12
7.5
CVSSv2
CVE-2005-3420
usercp_register.php in phpBB 2.0.17 allows remote malicious users to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
3.5
CVSSv2
CVE-2005-3310
Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the f...
Phpbb Group Phpbb 2.0.17
4.3
CVSSv2
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
7.5
CVSSv2
CVE-2005-2086
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and previous versions allows remote malicious users to execute arbitrary PHP code.
Phpbb Group Phpbb 2.0.15
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »