SQL injection in phpBB (3)

The remote host is running a version of phpBB older than 2.0.9. There is a flaw in the remote software which may allow anyone to inject arbitrary SQL commands, which may in turn be used to gain administrative access on the remote host or to obtain the MD5 hash of the password of any user. One...

phpBB < 2.0.10 Multiple Vulnerabilities

phpBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpbb:phpbb"; ifdescription...

phpBB Fetch All < 2.0.12 SQLi Vulnerability

phpBB Fetch All is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpbb:phpbb";...

phpBB < 2.0.9 SQLi Vulnerability

phpBB is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpbb:phpbb";...

phpBB <= 2.0.17 Multiple Vulnerabilities

The remote host is running a version of phpBB that, if using PHP 5 with 'registerglobals' enabled, fails to properly deregister global variables as well as failing to initialize several variables in various scripts. An attacker may be able to exploit these issues to execute arbitrary code or to...

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...

CVE-2005-3416

phpBB 2.0.17 and earlier, when registerglobals is enabled and the sessionstart function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $SESSION and $HTTPSESSIONVARS variables to strings instead of arrays, which causes an arraymerge functi...

CVE-2005-3417

phpBB 2.0.17 and earlier, when the registerlongarrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

CVE-2005-3415

phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE GPC variable and a GLOBALS variable with the same name, which causes phpBB to unset the GLOBALS variable but not the GPC variable...

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

CVE-2005-3419

SQL injection vulnerability in usercpregister.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signaturebbcodeuid parameter, which is not properly initialized...

CVE-2005-3415

phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE GPC variable and a GLOBALS variable with the same name, which causes phpBB to unset the GLOBALS variable but not the GPC variable...

CVE-2005-3417

phpBB 2.0.17 and earlier, when the registerlongarrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

CVE-2005-3419

SQL injection vulnerability in usercpregister.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signaturebbcodeuid parameter, which is not properly initialized...

CVE-2005-3416

phpBB 2.0.17 and earlier, when registerglobals is enabled and the sessionstart function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $SESSION and $HTTPSESSIONVARS variables to strings instead of arrays, which causes an arraymerge functi...

CVE-2005-3419

SQL injection vulnerability in usercpregister.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signaturebbcodeuid parameter, which is not properly initialized...

CVE-2005-3416

CVE-2005-3416 affects phpBB up to version 2.0.17 (and earlier) where, if register_globals is enabled and session handling omits a call to session_start, an attacker can bypass security checks by assigning strings to $_SESSION and $HTTP_SESSION_VARS, which causes an array_merge to fail. OpenVAS/De...

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...