Vulnerabilities > Phpbb Group > Phpbb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-04-19 | CVE-2004-1943 | Remote File Include vulnerability in PHPBB album_portal.php PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | 7.5 |
| 2003-12-31 | CVE-2003-1373 | Path Traversal vulnerability in PHPbb Group PHPbb Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. | 6.8 |
| 2003-12-31 | CVE-2003-1244 | SQL Injection vulnerability in PHPbb Group PHPbb 2.0.0/2.0.1/2.0.2 SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | 7.5 |
| 2003-12-29 | CVE-2003-1215 | SQL Injection vulnerability in phpBB GroupCP.PHP SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter. | 4.6 |
| 2003-11-27 | CVE-2003-1216 | SQL Injection vulnerability in phpBB search.php SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter. | 7.5 |
| 2003-08-07 | CVE-2003-0486 | SQL Injection vulnerability in phpBB Viewtopic.PHP SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter. | 5.0 |
| 2003-08-07 | CVE-2003-0484 | Cross-Site Scripting vulnerability in phpBB Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. network phpbb-group | 6.8 |
| 2003-03-31 | CVE-2002-1537 | Unspecified vulnerability in PHPbb Group PHPbb 2.0.0 admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u". | 10.0 |
| 2002-12-31 | CVE-2002-2176 | Remote SQL Injection vulnerability in phpBB2 Gender Mod SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page. | 10.0 |
| 2002-12-31 | CVE-2002-1894 | Cross-Site Scripting vulnerability in PHPbb Group PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. network phpbb-group | 4.3 |