Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-7168
PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Phpbb -
1 EDB exploit
445
VMScore
CVE-2019-9826
The fulltext search component in phpBB prior to 3.2.6 allows Denial of Service.
Phpbb Phpbb
445
VMScore
CVE-2019-11767
Server side request forgery (SSRF) in phpBB prior to 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.
Phpbb Phpbb
755
VMScore
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
465
VMScore
CVE-2001-1471
prefs.php in phpBB 1.4.0 and previous versions allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be...
Phpbb Phpbb
1 EDB exploit
445
VMScore
CVE-2020-8226
A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.
Phpbb Phpbb
685
VMScore
CVE-2006-5301
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and previous versions module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Spamblockermod 1.0
Phpbb Spamblockermod 1.0.1
Phpbb Spamblockermod
1 EDB exploit
755
VMScore
CVE-2003-1530
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the mark[] parameter.
Phpbb Phpbb 2.0.3
1 EDB exploit
755
VMScore
CVE-2007-0762
PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb\\+\\+ Phpbb\\+\\+ Build 100
1 EDB exploit
383
VMScore
CVE-2019-13376
phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS
Phpbb Phpbb 3.2.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »