Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2008-1766
Multiple unspecified vulnerabilities in phpBB prior to 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."
Phpbb Phpbb 3.0.0
Phpbb Phpbb 3.0.0rc
Phpbb Phpbb
755
VMScore
CVE-2008-1565
Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0.5 module for phpBB allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter.
Hotscripts Pjirc 0.5
Phpbb Pjirc Module 0.5
1 EDB exploit
755
VMScore
CVE-2008-1512
Directory traversal vulnerability in admin/admin_xs.php in eXtreme Styles module (XS-Mod) 2.3.1 and 2.4.0 for phpBB allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the phpEx parameter. NOTE: some of these details are obtained from third ...
Phpbb Module Xs 2.3.1
Phpbb Module Xs 2.4.0
1 EDB exploit
755
VMScore
CVE-2008-1350
SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote malicious users to execute arbitrary SQL commands via the k parameter in an article action.
Fully Modded Phpbb Fully Modded Phpbb
1 EDB exploit
755
VMScore
CVE-2008-1305
SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Chieminger Filebase Module 2.0
1 EDB exploit
605
VMScore
CVE-2008-1171
Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE disputes this issue beca...
Phpbb 123 Flash Chat Module
383
VMScore
CVE-2008-0471
Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpBB 2.0.22 allows remote malicious users to delete private messages (PM) as arbitrary users via a deleteall action.
Phpbb Phpbb 2.0.22
755
VMScore
CVE-2007-6223
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote malicious users to execute arbitrary SQL commands via the make_id parameter in a search action in browse mode.
Phpbb Garage 1.2.0 Beta3
1 EDB exploit
755
VMScore
CVE-2007-5688
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote malicious users to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
Sebflipper Multi-forums Module 1.3.3
Invision Power Services Invision Power Board
Phpbb Phpbb
1 EDB exploit
685
VMScore
CVE-2007-5173
PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the openid_root_path parameter.
Openid Openid 0.2.0
Phpbb Phpbb
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »