phpBB 安全漏洞

phpBB is a set of web forum software developed by Ariefibis. Version phpBB 3.3.15 has a security vulnerability, which stems from cross-site request forgery in the login function and authentication mechanism. This vulnerability could allow for the execution of arbitrary code...

GHSA-69Q7-HWW4-8PJQ phpBB allows CSRF

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

[waraxe-2004-SA#009 - Non-critical Sql injection and XSS bug in PhpBB 2.0.6c]

================================================================================ waraxe-2004-SA009 ================================================================================ Non-critical Sql injection and XSS bug in PhpBB 2.0.6c...

phpBB 1.x/2.0.x - 'search.php?search_results' SQL Injection

source: https://www.securityfocus.com/bid/9883/info A vulnerability has been reported to exist in the software that may allow a remote user to inject malicious SQL syntax into database queries. The problem reportedly exists in one of the parameters of the search.php script. This issue is caused b...

phpBB 2.06 search.php SQL injection

Hello bugtraq readers, A vulnerability exists in phpBB 2.06 that could allow an attacker to manipulate SQL queries and gain administrative control over the forum. The search.php script of the application does not sufficiently sanitize the input of the "searchid" parameter. As a result of this an...