Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpbb phpbb 2.0.22 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2006-6839
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
890
VMScore
CVE-2006-6840
Unspecified vulnerability in phpBB prior to 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
890
VMScore
CVE-2006-6841
Certain forms in phpBB prior to 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 1.2.4 Rc3
Phpbb Group Phpbb 2.0.20
755
VMScore
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
534
VMScore
CVE-2006-6508
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to send unauthorized messages as an arbitrary user via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party info...
Phpbb Group Phpbb 2.0.21
445
VMScore
CVE-2008-6506
Unspecified vulnerability in phpBB prior to 3.0.4 allows malicious users to bypass intended access restrictions and activate de-activated accounts via unknown vectors.
Phpbb Phpbb 2.0.3
Phpbb Phpbb 2.01
Phpbb Phpbb 3.0
Phpbb Phpbb 1.0
Phpbb Phpbb 2.0
Phpbb Phpbb 2.0.1
Phpbb Phpbb 3.0.2
Phpbb Phpbb
Phpbb Phpbb 3.0.1
Phpbb Phpbb 2.0.2
Phpbb Phpbb 2.0.22
409
VMScore
CVE-2006-4758
phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.
Phpbb Group Phpbb 2.0.21
383
VMScore
CVE-2008-0471
Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpBB 2.0.22 allows remote malicious users to delete private messages (PM) as arbitrary users via a deleteall action.
Phpbb Phpbb 2.0.22
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started