Published: 22/12/2005 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in phpBB 2 prior to 2.0.18 allows remote malicious users to execute arbitrary SQL commands via the topic type.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpbb group phpbb 2.0.11
phpbb group phpbb 2.0.13
phpbb group phpbb 2.0.4
phpbb group phpbb 2.0.6
phpbb group phpbb 2.0.9
phpbb group phpbb 2.0_rc1
phpbb group phpbb 2.0.15
phpbb group phpbb 2.0.16
phpbb group phpbb 2.0.17
phpbb group phpbb 2.0.2
phpbb group phpbb 2.0_rc2
phpbb group phpbb 2.0_rc3
phpbb group phpbb 2.0_rc4
phpbb group phpbb 2.0.0
phpbb group phpbb 2.0.1
phpbb group phpbb 2.0.10
phpbb group phpbb 2.0.6d
phpbb group phpbb 2.0.7
phpbb group phpbb 2.0.7a
phpbb group phpbb 2.0.8
phpbb group phpbb 2.0.12
phpbb group phpbb 2.0.14
phpbb group phpbb 2.0.3
phpbb group phpbb 2.0.5
phpbb group phpbb 2.0.6c
phpbb group phpbb 2.0.8a
phpbb group phpbb 2.0_beta1

Several vulnerabilities have been discovered in phpBB, a fully featured and skinnable flat webforum The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3310 Multiple interpretation errors allow remote authenticated users to inject arbitrary web script when remote avatars and avatar uploading ar ...

NVD-CWE-Other http://www.debian.org/security/2005/dsa-925 http://www.securityfocus.com/bid/15246 http://secunia.com/advisories/18098 http://www.osvdb.org/22270 https://nvd.nist.gov https://www.debian.org/security/./dsa-925

CVE-2005-3536

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect