Phpbb Group: >> Phpbb Advanced Guestbook Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-03-02
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to execute arbitrary SQl commands via the entry parameter.
CVSS Score
6.8
EPSS Score
0.005
Published
2007-03-02
PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
CVSS Score
7.5
EPSS Score
0.121
Published
2006-05-03