Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1196
SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote malicious users to obtain sensitive information and execute SQL commands via the cat parameter.
Phpbb Group Phpbb
1 EDB exploit
5
CVSSv2
CVE-2005-1234
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote malicious users to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php.
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
5
CVSSv2
CVE-2005-1235
auction_my_auctions.php in phpbb-Auction 1.2m and previous versions allows remote malicious users to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message.
Phpbb Group Phpbb-auction 1.0m
Phpbb Group Phpbb-auction 1.2m
4.3
CVSSv2
CVE-2005-1290
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
7.5
CVSSv2
CVE-2005-1047
Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
5
CVSSv2
CVE-2005-0258
Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote malicious users to delete (unlink) arbitrary files via "/../" sequences in the avatarselect ...
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
6.4
CVSSv2
CVE-2005-0259
phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the tar...
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0 Rc1
5
CVSSv2
CVE-2005-0603
viewtopic.php in phpBB 2.0.12 and previous versions allows remote malicious users to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Beta1
1 Github repository
4.3
CVSSv2
CVE-2004-1809
Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php.
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
5
CVSSv2
CVE-2004-2054
CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote malicious users to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php.
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »