Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2176 matches found

Prion
Prionadded 2006/02/06 10:2 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

4.3CVSS6.2AI score0.02613EPSS
Exploits2References7Affected Software1
NVD
NVDadded 2006/02/06 10:2 p.m.8 views

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

4.3CVSS5.7AI score0.02613EPSS
Exploits2References7
NVD
NVDadded 2006/02/06 10:2 p.m.11 views

CVE-2006-0438

Cross-site request forgery CSRF vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode IMG are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to 1 admin/adminusers.php and 2...

5CVSS6.8AI score0.00818EPSS
Exploits2References7
UbuntuCve
UbuntuCveadded 2006/02/06 10:2 p.m.13 views

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

4.3CVSS6.1AI score0.02613EPSS
Exploits2References1
Cvelist
Cvelistadded 2006/02/06 10:0 p.m.15 views

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

5.7AI score0.02613EPSS
Exploits2References7
CVE
CVEadded 2006/02/06 10:0 p.m.55 views

CVE-2006-0437

CVE-2006-0437 describes a cross‑site scripting (XSS) vulnerability in phpBB 2.0.19, specifically in admin_smilies.php. The issue allows remote attackers to inject arbitrary web script or HTML by supplying crafted values in the smile_url or smile_emotion parameters (via Javascript events like onmo...

4.3CVSS5.7AI score0.02613EPSS
Exploits2References7Affected Software1
Cvelist
Cvelistadded 2006/02/06 10:0 p.m.11 views

CVE-2006-0438

Cross-site request forgery CSRF vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode IMG are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to 1 admin/adminusers.php and 2...

6.8AI score0.00818EPSS
Exploits2References7
CVE
CVEadded 2006/02/06 10:0 p.m.43 views

CVE-2006-0438

CVE-2006-0438 is a CSRF vulnerability in phpBB 2.0.19 where enabling Link to off-site Avatar or bbcode (IMG) allows an attacker to perform actions as a logged-in user via a link or image in a profile (e.g., admin/admin_users.php, modcp.php). The NVD entry lists a CVSSv2 base score of 5.0 (Medium)...

5CVSS6.8AI score0.00818EPSS
Exploits2References7Affected Software1
Packet Storm
Packet Stormadded 2006/02/06 12:0 a.m.41 views

phpBB2.0.19.txt

Orginal Source: http://securityreason.com/achievementsecurityalert/31 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.2.2006 from SecurityReason.Com CVE-2006-0437 for the XSS issues CVE-2006-0438...

5CVSS6.6AI score0.02613EPSS
Exploits3
seebug.org
seebug.orgadded 2006/02/05 12:0 a.m.31 views

phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit

No description provided by source. !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socket; if @ARGV 3...

7.1AI score
Exploits0
0day.today
0day.todayadded 2006/02/05 12:0 a.m.102 views

phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== phpBB 2.0.19 Style Changer/Demo Mod SQL Injection Exploit =========================================================== !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--G...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2006/02/05 12:0 a.m.69 views

phpBB 2.0.19 - Style Changer/Demo Mod SQL Injection

!/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socket; if @ARGV 3 print q phpBB Style Changer\Viewer MO...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2006/02/05 12:0 a.m.23 views

phpBB 2.0.19 - Style ChangerDemo Mod SQL Injection

phpBB 2.0.19 - Style ChangerDemo Mod SQL Injection !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socke...

0.3AI score
Exploits0
securityvulns
securityvulnsadded 2006/02/03 12:0 a.m.42 views

[Full-disclosure] phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin

Orginal Source: http://securityreason.com/achievementsecurityalert/31 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.2.2006 from SecurityReason.Com CVE-2006-0437 for the XSS issues CVE-2006-0438...

5CVSS5.7AI score0.02613EPSS
Exploits3
Prion
Prionadded 2006/02/01 10:2 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.00427EPSS
Exploits0References5Affected Software1
NVD
NVDadded 2006/02/01 10:2 p.m.14 views

CVE-2006-0499

Cross-site scripting XSS vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.00427EPSS
Exploits0References5
Cvelist
Cvelistadded 2006/02/01 10:0 p.m.11 views

CVE-2006-0499

Cross-site scripting XSS vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.00427EPSS
Exploits0References5
CVE
CVEadded 2006/02/01 10:0 p.m.39 views

CVE-2006-0499

CVE-2006-0499 describes a cross-site scripting (XSS) vulnerability in the Rlink 1.0.0 module for phpBB, exploitable via the url parameter in rlink.php. The vulnerability allows remote attackers to inject arbitrary script/HTML. Affected component: Rlink 1.0.0 module for phpBB (rlink.php). Root cau...

4.3CVSS5.6AI score0.00427EPSS
Exploits0References5Affected Software1
securityvulns
securityvulnsadded 2006/02/01 12:0 a.m.26 views

[SA18620] phpBB Rlink Module "url" Cross-Site Scripting Vulnerability

TITLE: phpBB Rlink Module "url" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18620 VERIFY ADVISORY: http://secunia.com/advisories/18620/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Rlink 1.x module for phpBB http://secunia.com/product/7185/...

0.4AI score
Exploits0
exploitpack
exploitpackadded 2006/01/29 12:0 a.m.14 views

phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure

phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure to be used with cookie stealer located here: http://www.milw0rm.com/id.php?id=1103 https://www.exploit-db.com/exploits/1103/ Make sure you change www.milw0rm.com to your domain. thnx. /str0ke Author: threesixthousan / As long as html is...

6.9AI score
Exploits0
Rows per page
Query Builder