Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-6506
Unspecified vulnerability in phpBB prior to 3.0.4 allows malicious users to bypass intended access restrictions and activate de-activated accounts via unknown vectors.
Phpbb Phpbb 2.0
Phpbb Phpbb 1.0
Phpbb Phpbb 3.0.2
Phpbb Phpbb 3.0.1
Phpbb Phpbb 3.0
Phpbb Phpbb 2.0.22
Phpbb Phpbb
Phpbb Phpbb 2.0.3
Phpbb Phpbb 2.01
Phpbb Phpbb 2.0.2
Phpbb Phpbb 2.0.1
6
CVSSv2
CVE-2006-6421
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
1 EDB exploit
5
CVSSv2
CVE-2005-0659
phpBB 2.0.13 and previous versions allows remote malicious users to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 2.0.10
7.5
CVSSv2
CVE-2006-2865
PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $pa...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
1 EDB exploit
7.5
CVSSv2
CVE-2005-1193
The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB prior to 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote malicious users to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) ...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-1047
Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.0
7.5
CVSSv2
CVE-2006-5209
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and previous versions, as used in phpBB 2.0 up to 2.0.21, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
1 EDB exploit
5
CVSSv2
CVE-2006-0438
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote malicious users to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1)...
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
7.5
CVSSv2
CVE-2005-0614
sessions.php in phpBB 2.0.12 and previous versions allows remote malicious users to gain administrator privileges via the autologinid value in a cookie.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 1.2.1
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 1.4.1
Phpbb Group Phpbb 1.4.4
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 1.4.2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 1.0.0
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
3 EDB exploits
5
CVSSv2
CVE-2006-0450
phpBB 2.0.19 and previous versions allows remote malicious users to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.19
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.15
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »