Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-9826
The fulltext search component in phpBB prior to 3.2.6 allows Denial of Service.
Phpbb Phpbb
8.8
CVSSv3
CVE-2001-1471
prefs.php in phpBB 1.4.0 and previous versions allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be...
Phpbb Phpbb
1 EDB exploit
5.8
CVSSv3
CVE-2019-11767
Server side request forgery (SSRF) in phpBB prior to 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.
Phpbb Phpbb
NA
CVE-2006-7168
PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Phpbb -
1 EDB exploit
5.8
CVSSv3
CVE-2020-8226
A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.
Phpbb Phpbb
NA
CVE-2006-5191
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Phpbb
1 EDB exploit
NA
CVE-2006-5301
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and previous versions module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Spamblockermod 1.0
Phpbb Spamblockermod 1.0.1
Phpbb Spamblockermod
1 EDB exploit
4.3
CVSSv3
CVE-2019-16107
Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments.
Phpbb Phpbb 3.2.7
NA
CVE-2003-1530
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the mark[] parameter.
Phpbb Phpbb 2.0.3
1 EDB exploit
NA
CVE-2002-2255
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote malicious users to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.
Phpbb Phpbb 2.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »