Vulnerabilities > Phpbb

DATE CVE VULNERABILITY TITLE RISK
2006-10-20 CVE-2006-5418 Code Injection vulnerability in PHPbb Searchindexer
PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
phpbb CWE-94
6.8
2006-10-18 CVE-2006-5390 Code Injection vulnerability in PHPbb ACP User Registration Module 1.00
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in the ACP User Registration (MMW) 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
phpbb CWE-94
6.8
2006-10-17 CVE-2006-5312 Remote Security vulnerability in Ajax Shoutbox
PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
low complexity
phpbb
7.5
2006-10-17 CVE-2006-5309 Remote File Include vulnerability in PHPBB Prillian French Lang_Prillian_Faq.PHP
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
low complexity
phpbb
7.5
2006-10-17 CVE-2006-5306 Code Injection vulnerability in PHPbb Journals System Module 1.0.2
Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php.
network
phpbb CWE-94
6.8
2006-10-17 CVE-2006-5305 Remote File Include vulnerability in Lat2Cyr Lat2Cyr.PHP
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
high complexity
phpbb
5.1
2006-10-17 CVE-2006-5301 Code Injection vulnerability in PHPbb Spamblockermod 1.0/1.0.1
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
phpbb CWE-94
6.8
2006-10-10 CVE-2006-5191 Code Injection vulnerability in PHPbb
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
high complexity
phpbb CWE-94
5.1
2003-12-31 CVE-2003-1530 SQL Injection vulnerability in PHPbb 2.0.3
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter.
network
low complexity
phpbb CWE-89
7.5
2002-12-31 CVE-2002-2349 Information Exposure vulnerability in PHPbb PHPbbmod 1.3.3
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
network
low complexity
phpbb CWE-200
5.0