Vulnerabilities
Vulnerable Software
Phpbb Group:  >> Phpbb  >> 2.0.3  Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2004-07-19
PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.017
Published
2004-04-19
phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-04-19
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-12-29
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
CVSS Score
7.5
EPSS Score
0.03
Published
2003-11-27
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2002-12-31


Contact Us

Shodan ® - All rights reserved