2180 matches found
phpbb 2.0.14 profile.php 跨站脚本漏洞
No description provided by source...
phpbb 2.0.6 search.php Sql注入
No description provided by source...
phpbb 2.0.5 viewtopic.php Sql注入
No description provided by source...
phpbb 2.0.9 代码执行漏洞
No description provided by source...
phpbb 2.0.12 viewtopic.php Sql注入漏洞
No description provided by source...
phpBB <2.0.7 viewtopic.php 跨站脚本漏洞
No description provided by source...
phpbb 2.0.11 信息泄l漏漏洞
No description provided by source...
phpbb 2.0.8 admin-board.php Sql注入
No description provided by source...
phpbb 2.0.11 usercp-avatar.php 目录遍历漏洞
No description provided by source...
phpbb 2.0.10 admin cash.php 代码执行漏洞
No description provided by source...
phpbb 2.0.6 Sql注入
No description provided by source...
phpBB viewtopic.php Arbitrary Code Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'phpBB...
CVE-2009-3208
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to permalink.php and 2 year parameter to index.php...
CVE-2009-3052
SQL injection vulnerability in root/includes/primequickstyle.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the primequickstyle parameter to ucp.php...
Sql injection
SQL injection vulnerability in root/includes/primequickstyle.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the primequickstyle parameter to ucp.php...
CVE-2009-3052
SQL injection vulnerability in root/includes/primequickstyle.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the primequickstyle parameter to ucp.php...
CVE-2009-3052
The CVE-2009-3052 entry IDs a SQL injection in the Prime Quick Style addon for phpBB 3.0.x, in root/includes/prime_quick_style.php, exploitable via the prime_quick_style parameter to ucp.php. The affected version range is before 1.2.3. The vulnerability allows remote authenticated users to execut...
CVE-2008-7143
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote attackers to hijack the session via a post in the thread containing a URL to a remotely hosted image, which might include the session ID in the Referer header...
CVE-2008-7143
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote attackers to hijack the session via a post in the thread containing a URL to a remotely hosted image, which might include the session ID in the Referer header...
CVE-2008-7143
phpBB 2.0.23 is affected. When a moderator/administrator closes a thread, the session ID can be exposed in a Referer header during a post that includes a URL to a remotely hosted image, enabling remote attackers to hijack the user session. The NVD entry lists CVSS v2 metrics: AV:N/AC:M/Au:N/C:P/I...