Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and previous versions allows remote malicious users to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
10
CVSSv2
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
10
CVSSv2
CVE-2006-6840
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
7.5
CVSSv2
CVE-2003-1244
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote malicious users to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2005-1113
Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) ...
Phpbb Group Phpbb Plus
Phpbb Group Phpbb Plus 1.3
Phpbb Group Phpbb Plus 1.51
6.8
CVSSv2
CVE-2006-2245
PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Group Phpbb-auction 1.3m
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
1 EDB exploit
7.5
CVSSv2
CVE-2006-3940
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote malicious users to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php. NOTE: the auction_rating.php vector is already covered by CVE-2005-123...
Phpbb Group Phpbb-auction 1.3m
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
2 EDB exploits
6.8
CVSSv2
CVE-2007-5100
Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a prior to 20070922, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) language/lang_german/lang_admin_album...
Phpbb Phpbb Plus 1.53
Phpbb Phpbb Plus
4.6
CVSSv2
CVE-2001-1472
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
Phpbb Group Phpbb 1.4.0
Phpbb Group Phpbb 1.4.1
1 EDB exploit
6.8
CVSSv2
CVE-2004-0730
Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote malicious users to inject arbitrary web script or HTML via (1) the cat_title parameter in index.php, (2) the faq[0][0] parameter in lang_faq.php as accessible from faq.php, or (3) the faq[0][0] parame...
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »