Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1707
install.php in phpBB 2.0 up to and including 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote malicious users to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
NA
CVE-2006-6841
Certain forms in phpBB prior to 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.20
NA
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and previous versions allows remote malicious users to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
NA
CVE-2003-1373
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 up to and including 1.4.4 allows remote malicious users to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in pr...
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 1.4.0
NA
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
NA
CVE-2006-6840
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
NA
CVE-2003-1244
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote malicious users to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.2
1 EDB exploit
NA
CVE-2005-1113
Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) ...
Phpbb Group Phpbb Plus
Phpbb Group Phpbb Plus 1.3
Phpbb Group Phpbb Plus 1.51
NA
CVE-2006-2245
PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Group Phpbb-auction 1.3m
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
1 EDB exploit
NA
CVE-2006-3940
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote malicious users to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php. NOTE: the auction_rating.php vector is already covered by CVE-2005-123...
Phpbb Group Phpbb-auction 1.3m
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »