CVE-2008-6507

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum...

CVE-2008-6506

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors...

CVE-2008-6506

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors...

CVE-2008-6507

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum...

Default credentials

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum...

CVE-2008-6506

CVE-2008-6506 affects phpBB prior to 3.0.4, enabling an authentication bypass that allows activating deactivated accounts via unknown vectors. The OpenVAS entry confirms an account activation bypass vulnerability in phpBB, with affected versions up to 3.0.3. Practical impact is unauthorized acces...

CVE-2008-6507

The vulnerability CVE-2008-6507 affects phpBB before 3.0.4, per multiple sources (NVD, Red Hat, Ubuntu, GHSA, osv) describing an unspecified information-disclosure issue related to the lack of password prompts for a private message quoting a post in a password-protected forum. Root cause: insuffi...

CVE-2008-6507

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum...

CVE-2008-6506

Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors...

phpBB 'ucp.php' XSS Vulnerability

According to its version number, the remote version of phpbb is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. UPDATE March 13, 2009: The referenced BID is being retired because the issue cannot be exploited as described...

phpBB Forum Detection (HTTP)

HTTP based detection of phpBB. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100033";...

PHPBB 2.0.22 XSRF Exploit

Author: Dante90, WaRWolFz Crew Title: Exploit PhpBB = 2.0.22 Add User In A Group SWF Version By Dante90 0-Day Proof Of Concept: PhpBB 2.0.22 = CSRF Add user In Group By Vincy Change: ByPass HTTPREFERER Protection. MSN: [email protected] Web: www.warwolfz.org Exploit PhpBB = 2.0.22 Add User ...

Remote file inclusion

PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter...

CVE-2008-6377

PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter...

CVE-2008-6377

CVE-2008-6377 is a PHP remote file inclusion vulnerability in Multi SEO phpBB 1.1.0. The flaw exists in include/global.php and allows a remote attacker to execute arbitrary PHP code by supplying a URL in the pfad parameter, leading to potential compromise of the affected system. Affected product/...

Sql injection

SQL injection vulnerability in tagboard.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...

CVE-2008-6314

SQL injection vulnerability in tagboard.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...

CVE-2008-6314

CVE-2008-6314 describes a SQL injection in the Tag Board module for phpBB (version 4.0 and earlier), in the file tag_board.php. The vulnerability is exploitable via the id parameter in a delete action, enabling remote attackers to execute arbitrary SQL commands. The provided documents confirm the...

CVE-2008-6301

SQL injection vulnerability in shoutboxview.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...