Vulnerabilities > Phpbb > Phpbb > 2.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-23 | CVE-2008-6506 | Permissions, Privileges, and Access Controls vulnerability in PHPbb Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors. | 5.0 |
2003-12-31 | CVE-2003-1530 | SQL Injection vulnerability in PHPbb 2.0.3 SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. | 7.5 |
2002-12-31 | CVE-2002-2346 | Information Exposure vulnerability in PHPbb phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | 5.0 |
2002-12-31 | CVE-2002-2255 | Cross-Site Scripting vulnerability in PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | 4.3 |