16 matches found
CVE-2026-48613
SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries. Only applies to phpBB forums that had been updated from versions prior to phpBB 3.3.8 and have not been updated ...
EUVD-2026-36382
SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries. Only applies to phpBB forums that had been updated from versions prior to phpBB 3.3.8 and have not been updated ...
CVE-2026-29199
phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link poisoning. When forceservervars is disabled, the servers hostname may be extracted from the HTTP Host header which is used to generate the password reset link URL. An attacker who can manipulate the Hos...
phpBB 安全漏洞
phpBB is a set of web forum software developed by Ariefibis. Version 3.3.15 of phpBB has a security vulnerability; this vulnerability stems from the cross-site request forgery functionality in the administration control panel icons, which may allow for the execution of arbitrary code...
CVE-2019-25685
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
phpBB Cross-site scripting vulnerability
phpBB is a set of open source and PHP-based Web forum software . The software features multi-language support, multiple databases and customizable layouts. A cross-site scripting vulnerability exists in phpBB version 3.3.10 and earlier versions, which stems from the incorrect manipulation of the...
phpBB cross-site request forgery vulnerability (CNVD-2019-35784)
phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. A cross-site request forgery vulnerability exists in phpBB version 3.2.7, which can be exploited by an attacker to send unintended...
UBUNTU-CVE-2019-9826
The fulltext search component in phpBB before 3.2.6 allows Denial of Service...
PT-2018-14897 · Phpbb Limited · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions prior to 3.2.4 Description: The issue allows for Remote Code Execution through Object Injection by utilizing Phar deserialization. This can be achieved by passing an absolute path to a file exists check. The exploitation of thi...
Ultimate PHP Board 1.0 final beta ViewTopic.PHP Directory Contents Browsing
No description provided by source. source: http://www.securityfocus.com/bid/6334/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. Under some circumstances, it may be possible to disclose the contents of...
Ultimate PHP Board Board 1.0 final beta ViewTopic.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script code to the viewtopic.php script, UPB may...
PT-2007-3062 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB version 2.0.19 Description: A remote file inclusion issue in the includes/usercp register.php file allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter. However, it has been noted that this...
vBulletin Detection
The remote host is running vBulletin, a commercial web-based message forum application written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17282; scriptversion"1.17"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/08/10";...
Ultimate PHP Board 1.0 final Beta - 'viewtopic.php' Directory Contents Browsing
source: https://www.securityfocus.com/bid/6334/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. Under some circumstances, it may be possible to disclose the contents of directories. By passing a malicious...
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser...
Ultimate PHP Board 1.0 final Beta - viewtopic.php Directory Contents Browsing
Ultimate PHP Board 1.0 final Beta - viewtopic.php Directory Contents Browsing source: https://www.securityfocus.com/bid/6334/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. Under some circumstances, it ma...