Shodan
Vulnerabilities
Vulnerable Software
Phpbb Group:  Security Vulnerabilities
CVE-2003-1216
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
CVSS Score
7.5
EPSS Score
0.03
Published
2003-11-27
CVE-2003-0484
Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter.
CVSS Score
6.8
EPSS Score
0.009
Published
2003-08-07
CVE-2003-0486
SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.
CVSS Score
5.0
EPSS Score
0.016
Published
2003-08-07
CVE-2002-1537
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".
CVSS Score
10.0
EPSS Score
0.004
Published
2003-03-31
CVE-2002-1707
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.
CVSS Score
5.0
EPSS Score
0.003
Published
2002-12-31
CVE-2002-1894
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2002-12-31
CVE-2002-2176
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.
CVSS Score
10.0
EPSS Score
0.007
Published
2002-12-31
CVE-2002-0902
Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.
CVSS Score
7.5
EPSS Score
0.082
Published
2002-10-04
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.
CVSS Score
10.0
EPSS Score
0.145
Published
2002-08-12
CVE-2002-0475
Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message.
CVSS Score
5.1
EPSS Score
0.008
Published
2002-08-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved