Vulnerabilities > Phpbb Group > Phpbb > 2.0

DATE CVE VULNERABILITY TITLE RISK
2006-12-10 CVE-2006-6421 Input Validation vulnerability in PHPBB
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
network
phpbb-group
6.0
6.0
2006-10-10 CVE-2006-5209 Remote Security vulnerability in phpBB
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
low complexity
phpbb-group
7.5
7.5
2004-11-23 CVE-2004-0339 Cross-Site Scripting vulnerability in PHPBB
Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter.
network
phpbb-group
6.8
6.8