Phpbb Group: >> Phpbb >> 2.0.8 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2004-07-19
PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.017
Published
2004-04-19
phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-04-19
Page 4