Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-5501
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.
Phpbb Phpbb 3.2.8
383
VMScore
CVE-2020-5502
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships.
Phpbb Phpbb 3.2.8
450
VMScore
CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e...
Claroline Claroline 1.8.10
4 EDB exploits
490
VMScore
CVE-2008-3260
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the cwd parameter in a rqMkHtml action to document/rqmkhtml.php, or the query string to (2) announcements/announcements.php...
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Claroline Claroline 1.8.5
Claroline Claroline 1.8.6
Claroline Claroline 1.2
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.7
Claroline Claroline 1.8.0
Claroline Claroline 1.8.7
Claroline Claroline 1.8.8
Claroline Claroline 1.3
Claroline Claroline 1.4
Claroline Claroline 1.7
Claroline Claroline 1.7.1
Claroline Claroline 1.8.1
Claroline Claroline 1.8.2
Claroline Claroline
Claroline Claroline 1.5
Claroline Claroline 1.5.3
12 EDB exploits
890
VMScore
CVE-2007-1695
PHP remote file inclusion vulnerability in includes/usercp_register.php in phpBB 2.0.19 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue has been disputed by third-party researchers, stating that the file che...
Phpbb Group Phpbb 2.0.19
605
VMScore
CVE-2006-7077
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote malicious users to execute arbitrary SQl commands via the entry parameter.
Phpbb Group Phpbb Advanced Guestbook 2.4.0
383
VMScore
CVE-2006-7076
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote malicious users to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.
Phpbb Group Phpbb Advanced Guestbook 2.4.0
445
VMScore
CVE-2006-2219
phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote malicious users to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to vi...
Phpbb Group Phpbb 2.0.20
890
VMScore
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
890
VMScore
CVE-2006-6840
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »