Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0762
PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb\\+\\+ Phpbb\\+\\+ Build 100
1 EDB exploit
4.3
CVSSv3
CVE-2019-16107
Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments.
Phpbb Phpbb 3.2.7
7.5
CVSSv3
CVE-2019-16108
phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) token sequence to a page through BBCode.
Phpbb Phpbb 3.2.7
NA
CVE-2008-7143
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote malicious users to hijack the session via a post in the thread containing a URL to a remotely hosted image, which might include the session ID i...
Phpbb Phpbb 2.0.23
NA
CVE-2003-1530
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the mark[] parameter.
Phpbb Phpbb 2.0.3
1 EDB exploit
NA
CVE-2006-1896
Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the original ...
Phpbb Group Phpbb
NA
CVE-2005-1116
Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote malicious users to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php.
Phpbb Group Phpbb
NA
CVE-2005-1196
SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote malicious users to obtain sensitive information and execute SQL commands via the cat parameter.
Phpbb Group Phpbb
1 EDB exploit
NA
CVE-2002-2255
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote malicious users to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.
Phpbb Phpbb 2.0.3
1 EDB exploit
NA
CVE-2006-4893
PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780.
Phpbb Xs Phpbb Xs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »