Versions
Phpbb Group PhpbbphpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated adm…
Phpbb Group Phpbbusercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group PhpbbPHP remote file inclusion vulnerability in /includes/kb_constants.php in Knowledge Base Mod for PHPb…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group PhpbbThe gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to …
Phpbb Group PhpbbphpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group PhpbbA "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit privat…
Phpbb Group Phpbbadmin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via…
Phpbb Group PhpbbphpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which ge…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group Phpbbcalendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS ser…
Phpbb Group PhpbbphpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct reques…
Phpbb Group Phpbbviewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information vi…
Phpbb Group PhpbbphpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group PhpbbDirectory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group PhpbbPhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows p…
Phpbb Group PhpbbphpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, wh…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Phpbb Group Phpbbinstall.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.