Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-5100
Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a prior to 20070922, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) language/lang_german/lang_admin_album...
Phpbb Phpbb Plus 1.53
Phpbb Phpbb Plus
383
VMScore
CVE-2007-5033
Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 allows remote malicious users to inject arbitrary web script or HTML via the selfdes parameter in a profile_info editprofile action.
Phpbb Xs Phpbb Xs 2
685
VMScore
CVE-2007-5009
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a prior to 20070922, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb2 Phpbb2 Plus 1.53
Phpbb2 Phpbb2 Plus 1.53a
1 EDB exploit
755
VMScore
CVE-2007-4984
SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote malicious users to execute arbitrary SQL commands via the s parameter.
Ktauber Stylesdemo 0.9.9
1 EDB exploit
755
VMScore
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
935
VMScore
CVE-2007-3935
PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Supanav 1.0.0
1 EDB exploit
755
VMScore
CVE-2007-3697
PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and previous versions allows remote malicious users to execute arbitrary code via a URL in the phpbb_root_path parameter.
Tufat Flashbb
1 EDB exploit
685
VMScore
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
755
VMScore
CVE-2007-3136
PHP remote file inclusion vulnerability in inc/nuke_include.php in newsSync 1.5.0rc6 allows remote malicious users to execute arbitrary PHP code via a URL in the newsSync_NUKE_PATH parameter.
Newssync Newssync 1.5.0 Rc6
1 EDB exploit
578
VMScore
CVE-2007-2858
SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field.
Phpbb Ip-tracking 2.0.1
Phpbb Ip-tracking 2.0.2
Phpbb Ip-tracking 2.0.9
Phpbb Ip-tracking 2.0
Phpbb Ip-tracking 2.0.7
Phpbb Ip-tracking 2.0.8
Phpbb Ip-tracking 2.0.5
Phpbb Ip-tracking 2.0.6
Phpbb Ip-tracking 2.0.3
Phpbb Ip-tracking 2.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »