2176 matches found
CVE-2010-1627
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum...
CVE-2002-2346
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses...
CVE-2002-1894
Cross-site scripting XSS vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
CVE-2006-5610
PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB phpbbfm 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2005-3537
A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs...
CVE-2025-32575
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Reflected XSS.This issue affects WP w3all phpBB: from n/a through = 2.9.9...
CVE-2025-32575
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Reflected XSS.This issue affects WP w3all phpBB: from n/a through = 2.9.9...
CVE-2025-32575 WordPress WP w3all phpBB Plugin <= 2.9.9 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Reflected XSS.This issue affects WP w3all phpBB: from n/a through = 2.9.9...
CVE-2025-32575
CVE-2025-32575 affects the WordPress plugin WP w3all phpBB (axew3) for WordPress/WP-BB integration. Connected data indicates the issue is described as a Cross-Site Forgery to Stored Cross-Site Scripting (CSRF to S-SCRIPTING) vulnerability affecting WP w3all phpBB up to version 2.9.3. The CVE entr...
WordPress plugin WP w3all phpBB 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
CVE-2025-32274
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through = 2.9.8...
CVE-2025-32274
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through = 2.9.8...
CVE-2025-32274
CVE-2025-32274 : CSRF vulnerability in the WordPress integration plugin WP w3all phpBB affecting versions up to and including 2.9.3. The initial description states a Cross-Site Request Forgery issue, and the connected records reference the same CVE-2025-32274 with a line noting “Cross-Site Reques...
CVE-2025-32274 WordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through = 2.9.8...
CVE-2025-32274 WordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through = 2.9.8...
WordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP w3all phpBB versions = 2.9.8...
PT-2025-15028 · Unknown · Axew3 Wp W3All Phpbb
Name of the Vulnerable Software and Affected Versions: axew3 WP w3all phpBB versions n/a through 2.9.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For axew3 WP w3all phpBB versions n/a through 2.9.2, update t...
WordPress plugin WP w3all phpBB 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
BIT-PHPBB-2020-5501
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar...
BIT-PHPBB-2020-5502
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...