Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group phpbb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1196
SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote malicious users to obtain sensitive information and execute SQL commands via the cat parameter.
Phpbb Group Phpbb
1 EDB exploit
NA
CVE-2006-2360
SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpbb Group Phpbb
1 EDB exploit
NA
CVE-2006-1896
Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the original ...
Phpbb Group Phpbb
NA
CVE-2006-2359
Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote malicious users to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection.
Phpbb Group Phpbb
1 EDB exploit
NA
CVE-2002-1537
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".
Phpbb Group Phpbb 2.0.0
NA
CVE-2005-2086
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and previous versions allows remote malicious users to execute arbitrary PHP code.
Phpbb Group Phpbb 2.0.15
2 EDB exploits
NA
CVE-2006-6508
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to send unauthorized messages as an arbitrary user via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party info...
Phpbb Group Phpbb 2.0.21
NA
CVE-2005-0872
Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote malicious users to inject arbitrary web script or HTML via the start parameter.
Phpbb Group Phpbb 1.0.1
1 EDB exploit
NA
CVE-2002-1894
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via the highlight parameter.
Phpbb Group Phpbb 2.0.3
NA
CVE-2006-4758
phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.
Phpbb Group Phpbb 2.0.21
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »