Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD4AFACCA1-EB9D-11D9-A8BD-000CF18BBE54
HistoryJun 28, 2005 - 12:00 a.m.

phpbb -- remote PHP code execution vulnerability

2005-06-2800:00:00
vuxml.freebsd.org
20

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.152 Low

EPSS

Percentile

95.8%

JSON

FrSIRT Advisory reports:

A vulnerability was identified in phpBB, which
may be exploited by attackers to compromise a vulnerable
web server. This flaw is due to an input validation error
in the “viewtopic.php” script that does not properly filter
the “highlight” parameter before calling the “preg_replace()”
function, which may be exploited by remote attackers to execute
arbitrary PHP commands with the privileges of the web server.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpbb< 2.0.16UNKNOWN

Related

openvas 3
saint 4
nessus 3
canvas 1
cve 1
gentoo 1
ubuntucve 1
dsquare 1
packetstorm 2
openvas
openvas
FreeBSD Ports: phpbb
2008-09-04 00:00:00
FreeBSD Ports: phpbb
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200507-03 (phpBB)
2008-09-24 00:00:00
saint
saint
phpBB viewtopic.php highlight parameter vulnerability
2005-12-28 00:00:00
phpBB viewtopic.php highlight parameter vulnerability
2005-12-28 00:00:00
phpBB viewtopic.php highlight parameter vulnerability
2005-12-28 00:00:00
nessus
nessus
phpBB < 2.0.16 viewtopic.php Highlighting Feature Arbitrary PHP Code Execution
2005-06-29 00:00:00
FreeBSD : phpbb -- remote PHP code execution vulnerability (4afacca1-eb9d-11d9-a8bd-000cf18bbe54)
2005-07-13 00:00:00
GLSA-200507-03 : phpBB: Arbitrary command execution
2005-07-05 00:00:00
canvas
canvas
Immunity Canvas: PHPBB_HIGHLIGHT
2005-07-05 04:00:00
cve
cve
CVE-2005-2086
2005-07-05 04:00:00
gentoo
gentoo
phpBB: Arbitrary command execution
2005-07-04 00:00:00
ubuntucve
ubuntucve
CVE-2005-2086
2005-07-05 00:00:00
dsquare
dsquare
Phpbb RCE
2012-01-26 00:00:00
packetstorm
packetstorm
phpBB viewtopic.php Arbitrary Code Execution
2009-12-31 00:00:00
phpBB viewtopic.php Arbitrary Code Execution
2009-10-30 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.152 Low

EPSS

Percentile

95.8%

JSON
Related for 4AFACCA1-EB9D-11D9-A8BD-000CF18BBE54
openvas3saint4nessus3canvas1cve1gentoo1ubuntucve1dsquare1packetstorm2