Vulnerabilities > Phpbb > Phpbb > 3.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-02 | CVE-2023-5917 | Cross-site Scripting vulnerability in PHPbb A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. | 6.1 |
| 2020-08-17 | CVE-2020-8226 | Server-Side Request Forgery (SSRF) vulnerability in PHPbb A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF. | 5.0 |
| 2020-03-20 | CVE-2019-16108 | Code Injection vulnerability in PHPbb 3.2.7 phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) token sequence to a page through BBCode. | 5.0 |
| 2020-03-11 | CVE-2019-16107 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.7 Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments. | 4.3 |
| 2019-09-27 | CVE-2019-13376 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.7 phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. | 4.3 |