Vulnerabilities > Phpbb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-03-23 | CVE-2008-6507 | Information Disclosure vulnerability in Phpbb Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum. | 5.0 |
| 2009-03-23 | CVE-2008-6506 | Permissions, Privileges, and Access Controls vulnerability in PHPbb Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors. | 5.0 |
| 2009-02-27 | CVE-2008-6314 | SQL Injection vulnerability in PHPbb TAG Board SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | 7.5 |
| 2009-02-26 | CVE-2008-6301 | SQL Injection vulnerability in Prezmo Small Shoutbox 1.4 SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | 7.5 |
| 2008-09-18 | CVE-2008-4125 | Information Exposure vulnerability in PHPbb 2 The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632. | 5.0 |
| 2008-07-18 | CVE-2008-3224 | Remote Security vulnerability in PHPbb 3.0/3.0.0/3.0.1 Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()." | 10.0 |
| 2008-04-12 | CVE-2008-1766 | Unspecified vulnerability in PHPbb 3.0.0/3.0.0Rc Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs." | 10.0 |
| 2008-03-31 | CVE-2008-1565 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0.5 module for phpBB allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2008-03-25 | CVE-2008-1512 | Path Traversal vulnerability in PHPbb Module XS 2.3.1/2.4.0 Directory traversal vulnerability in admin/admin_xs.php in eXtreme Styles module (XS-Mod) 2.3.1 and 2.4.0 for phpBB allows remote attackers to include and execute arbitrary files via a .. | 7.5 |
| 2008-03-12 | CVE-2008-1305 | SQL Injection vulnerability in Chieminger Filebase Module 2.0 SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |