Vulnerabilities > Phpbb Group > Phpbb > 2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-10 | CVE-2006-6421 | Input Validation vulnerability in PHPBB Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user. network phpbb-group | 6.0 |
2006-10-10 | CVE-2006-5209 | Remote Security vulnerability in phpBB PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2004-11-23 | CVE-2004-0339 | Cross-Site Scripting vulnerability in PHPBB Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter. network phpbb-group | 6.8 |