Vulnerabilities > Phpbb
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-21 | CVE-2006-7174 | Remote Security vulnerability in Dimension PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 10.0 |
2007-03-20 | CVE-2006-7168 | Unspecified vulnerability in PHPbb PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2007-03-07 | CVE-2006-7148 | Remote File Include vulnerability in PHPbb Maluinfo 206.2.38 PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | 10.0 |
2007-03-07 | CVE-2006-7147 | Code Injection vulnerability in PHPbb Import Tools 0.1.3/0.1.4 PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 6.8 |
2007-03-03 | CVE-2006-7100 | Code Injection vulnerability in PHPbb Insert User PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 6.8 |
2007-02-08 | CVE-2006-2220 | Improper Input Validation vulnerability in PHPbb 2.0.20 phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the resulting error message. | 5.0 |
2007-02-06 | CVE-2007-0762 | Remote File Include vulnerability in PHPbb++ Build100 PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2007-02-06 | CVE-2007-0761 | Remote Security vulnerability in PHPbb Ezboard Converter 0.2 PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter. | 7.5 |
2006-12-15 | CVE-2006-6593 | Remote File Include vulnerability in PHPBB Amazonia Component Zufallscodepart.PHP PHP remote file inclusion vulnerability in zufallscodepart.php in AMAZONIA MOD for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2006-12-11 | CVE-2006-6459 | HTML Injection vulnerability in PHPbb Toplist 1.3.7 Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote attackers to inject arbitrary HTML or web script via the (1) Name and (2) Information fields when adding a new site (toplistnew action). network phpbb | 6.8 |