Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2006-6508
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to send unauthorized messages as an arbitrary user via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party info...
Phpbb Group Phpbb 2.0.21
7.5
CVSSv2
CVE-2005-2086
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and previous versions allows remote malicious users to execute arbitrary PHP code.
Phpbb Group Phpbb 2.0.15
2 EDB exploits
2.6
CVSSv2
CVE-2005-4357
Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote malicious users to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover.
Phpbb Group Phpbb 2.0.18
5
CVSSv2
CVE-2005-4358
admin/admin_disallow.php in phpBB 2.0.18 allows remote malicious users to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message.
Phpbb Group Phpbb 2.0.18
4.3
CVSSv2
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
4.3
CVSSv2
CVE-2005-0673
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote malicious users to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages...
Phpbb Group Phpbb 2.0.13
6.5
CVSSv2
CVE-2006-1895
Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*" regular expression to match BEGIN and END state...
Phpbb Group Phpbb 2.0.9
4.3
CVSSv2
CVE-2006-1603
Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote malicious users to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party infor...
Phpbb Group Phpbb 2.0.19
4.3
CVSSv2
CVE-2006-1775
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) g...
Phpbb Group Phpbb 2.0.19
5.1
CVSSv2
CVE-2006-4450
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote malicious users to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
Phpbb Group Phpbb 2.0.20
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »