Vulnerabilities > Phpbb

DATE	CVE	VULNERABILITY TITLE	RISK
2002-12-31	CVE-2002-2346	Information Exposure vulnerability in PHPbb phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. network low complexity phpbb CWE-200	5.0
2002-12-31	CVE-2002-2287	Code Injection vulnerability in PHPbb Advanced Quick Reply Hack 1.0.0/1.1.0 PHP remote file inclusion vulnerability in quick_reply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. network low complexity phpbb CWE-94	7.5
2002-12-31	CVE-2002-2255	Cross-Site Scripting vulnerability in PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. network phpbb CWE-79	4.3
2001-07-31	CVE-2001-1471	Improper Initialization vulnerability in PHPbb 1.4.0 prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement. network low complexity phpbb CWE-665	8.8

Vulnerabilities > Phpbb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpbb"}]}