Vulnerabilities > Phpbb Group > Phpbb Auction

DATE CVE VULNERABILITY TITLE RISK
2006-07-31 CVE-2006-3940 SQL Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M/1.3M
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php.
network
low complexity
phpbb-group
7.5
7.5
2006-05-09 CVE-2006-2245 Code Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M/1.3M
PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. 		6.8
6.8
2005-05-02 CVE-2005-1235 Information Disclosure vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M
auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message.
network
low complexity
phpbb-group
5.0
5.0
2005-05-02 CVE-2005-1234 SQL Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php.
network
low complexity
phpbb-group
5.0
5.0