26 matches found
CVE-2006-5305
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2005-4083
Directory traversal vulnerability in xsedit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the edit parameter...
CVE-2005-4083
The CVE-2005-4083 entry describes a directory traversal vulnerability in the eXtreme Styles phpBB module (version 2.2.1 and earlier). The flaw is in xs_edit.php, where a crafted edit parameter containing .. can cause reading of arbitrary files. Documents indicate remote attackers could exploit th...
PHP Photo Album < 2.0.14 Multiple Vulnerabilities
Binary data 2821.prm...
phpBB 2.0.13 DLMan Pro Module - SQL Injection
phpBB 2.0.13 DLMan Pro Module - SQL Injection source: https://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an...
CVE-2004-1535
PHP remote file inclusion vulnerability in admincash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbbrootpath parameter to reference a URL on a remote web server that contains the code...