3 matches found
CVE-2006-1775
Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the 1 Site Description field in a adminboard.php, the 2 Group name and 3 Group description fields in b admingroups.php and c groupcp.php, the 4 Theme Name field in d...
CVE-2006-1603
Cross-site scripting XSS vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the curpassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1603
The CVE-2006-1603 entry concerns a Cross-site scripting (XSS) vulnerability in phpBB 2.0.19, exploitable through the cur_password parameter in profile.php. The affected software is phpBB 2.0.19, and the vulnerability is triggered via user-supplied input that can inject arbitrary script/HTML into ...