Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb group vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3799
phpBB 2.0.18 allows remote malicious users to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
Phpbb Group Phpbb 2.0.18
NA
CVE-2005-3415
phpBB 2.0.17 and previous versions allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but n...
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
NA
CVE-2005-3416
phpBB 2.0.17 and previous versions, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote malicious users to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arr...
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.12
NA
CVE-2005-3417
phpBB 2.0.17 and previous versions, when the register_long_arrays directive is disabled, allows remote malicious users to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
NA
CVE-2005-3418
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat paramete...
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.16
NA
CVE-2005-3419
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote malicious users to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized.
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.2
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.7a
Phpbb Group Phpbb 2.0.8
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0 Rc4
Phpbb Group Phpbb 2.0.12
NA
CVE-2005-3420
usercp_register.php in phpBB 2.0.17 allows remote malicious users to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
Phpbb Group Phpbb 2.0.11
Phpbb Group Phpbb 2.0.12
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.6d
Phpbb Group Phpbb 2.0.7
Phpbb Group Phpbb 2.0 Rc2
Phpbb Group Phpbb 2.0 Rc3
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
NA
CVE-2005-3310
Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the f...
Phpbb Group Phpbb 2.0.17
NA
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
NA
CVE-2005-2086
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and previous versions allows remote malicious users to execute arbitrary PHP code.
Phpbb Group Phpbb 2.0.15
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »