Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2002-1894
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via the highlight parameter.
Phpbb Group Phpbb 2.0.3
445
VMScore
CVE-2006-2219
phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote malicious users to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to vi...
Phpbb Group Phpbb 2.0.20
445
VMScore
CVE-2005-4358
admin/admin_disallow.php in phpBB 2.0.18 allows remote malicious users to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message.
Phpbb Group Phpbb 2.0.18
435
VMScore
CVE-2004-2130
Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote malicious users to execute arbitrary script or HTML via the (1) folder or (2) mode variables.
Phpbb Group Phpbb 2.0.6
1 EDB exploit
445
VMScore
CVE-2005-3799
phpBB 2.0.18 allows remote malicious users to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
Phpbb Group Phpbb 2.0.18
890
VMScore
CVE-2002-1537
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".
Phpbb Group Phpbb 2.0.0
383
VMScore
CVE-2006-1775
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) g...
Phpbb Group Phpbb 2.0.19
578
VMScore
CVE-2006-1895
Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*" regular expression to match BEGIN and END state...
Phpbb Group Phpbb 2.0.9
383
VMScore
CVE-2005-0673
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote malicious users to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages...
Phpbb Group Phpbb 2.0.13
383
VMScore
CVE-2006-1603
Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote malicious users to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party infor...
Phpbb Group Phpbb 2.0.19
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »