Vulnerabilities > Phpbb Group > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-04-19 | CVE-2004-1943 | Remote File Include vulnerability in PHPBB album_portal.php PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | 7.5 |
| 2003-12-31 | CVE-2003-1244 | SQL Injection vulnerability in PHPbb Group PHPbb 2.0.0/2.0.1/2.0.2 SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | 7.5 |
| 2003-11-27 | CVE-2003-1216 | SQL Injection vulnerability in phpBB search.php SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter. | 7.5 |
| 2002-10-04 | CVE-2002-0902 | HTML Injection vulnerability in PHPBB2 Image Tag Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script. | 7.5 |
| 2001-12-31 | CVE-2001-1482 | Remote SQL Query Manipulation vulnerability in PHPbb Group PHPbb 1.4.2 SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable. | 7.5 |