Vulnerabilities > Phpbb Group > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-20 | CVE-2005-4357 | Cross-Site Scripting vulnerability in PHPbb Group PHPbb 2.0.18 Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover. | 2.6 |
| 2005-10-26 | CVE-2005-3310 | HTML Injection vulnerability in PHPbb Group PHPbb 2.0.17 Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer, which renders malformed image types as HTML, enabling cross-site scripting (XSS) attacks. network phpbb-group | 3.5 |