Shodan
Vulnerabilities
Vulnerable Software
Phpbb:  Security Vulnerabilities
CVE-2006-5418
PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
6.8
EPSS Score
0.019
Published
2006-10-20
CVE-2006-5390
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in the ACP User Registration (MMW) 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
6.8
EPSS Score
0.026
Published
2006-10-18
CVE-2006-5309
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.039
Published
2006-10-17
CVE-2006-5312
PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2006-10-17
CVE-2006-5301
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
6.8
EPSS Score
0.017
Published
2006-10-17
CVE-2006-5305
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
5.1
EPSS Score
0.029
Published
2006-10-17
CVE-2006-5306
Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php.
CVSS Score
6.8
EPSS Score
0.052
Published
2006-10-17
CVE-2006-5191
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVSS Score
5.1
EPSS Score
0.03
Published
2006-10-10
CVE-2003-1530
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2003-12-31
CVE-2002-2255
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.
CVSS Score
4.3
EPSS Score
0.016
Published
2002-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved