Vendor Dictionary: phpBB Group

phpBB Group

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	[None Entered]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]

Vulnerabilities by Vendor Product

phpBB Group

phpBB Group

Advanced Quick Reply Mod: Unknown or Unspecified; OSVDB ID: 4299 phpBB quick_reply.php SQL Injection

BLOG: 2.2.2; OSVDB ID: 21565 phpBB Blog index.php permalink Parameter SQL Injection

phpBB2 Plus: 1.52; OSVDB ID: 15927 phpBB2 Plus portal.php Multiple Parameter XSS; OSVDB ID: 15929 phpBB2 Plus viewtopic.php bsid Parameter XSS; OSVDB ID: 15928 phpBB2 Plus viewforum.php bsid Parameter XSS; OSVDB ID: 15926 phpBB2 Plus index.php Multiple Parameter XSS; OSVDB ID: 15925 phpBB2 Plus groupcp.php bsid Parameter XSS; OSVDB ID: 15930 phpBB2 Plus Calendar Module calendar_scheduler.php start Parameter XSS

Personal Notes Mod: 1.4.7; OSVDB ID: 15899 phpBB Personal Notes Module posting_notes.php p Parameter SQL Injection

Gender Mod: 1.1.3; OSVDB ID: 4279 phpBB Gender Mod profile.php gender Parameter SQL Injection

phpBB: 2.0.4; OSVDB ID: 2145 phpBB JavaScript Message Content XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 2186 phpBB viewtopic.php topic_id Parameter SQL Injection; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.5; OSVDB ID: 2145 phpBB JavaScript Message Content XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 4270 phpBB profile.php u Parameter SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 2186 phpBB viewtopic.php topic_id Parameter SQL Injection; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.0; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 4284 phpBB admin_ug_auth.php Form Field Manipulation; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4296 phpBB Crafted IMG BBCode Tag XSS; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.1; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 4280 phpBB install.php phpbb_root_dir Remote File Inclusion; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.2; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.3; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 4277 phpBB privmsg.php mode Parameter SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 2193 phpBB viewtopic.php topic_id Parameter XSS; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.6; OSVDB ID: 2532 phpBB URL BBCode Tag XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Parameter SQL Injection; OSVDB ID: 4275 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 4276 phpBB groupcp.php mode Parameter XSS; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 2.0.6c; OSVDB ID: 4256 phpBB viewtopic.php postorder Parameter XSS; 2.0.6d; OSVDB ID: 4258 phpBB search.php search_results Parameter SQL Injection; OSVDB ID: 4471 phpBB profile.php avitarselect Parameter XSS; OSVDB ID: 4259 phpBB viewtopic.php postdays Parameter XSS; OSVDB ID: 4257 phpBB viewforum.php topicdays Parameter XSS; 2.0 RC3; OSVDB ID: 4268 phpBB db.php Arbitrary Command Execution; 1.4.2; OSVDB ID: 4269 phpBB Message Edit IMG BBCode Tag XSS; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.4.4; OSVDB ID: 4269 phpBB Message Edit IMG BBCode Tag XSS; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.0.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 22818 phpBB Rlink Module rlink.php url Parameter XSS; 1.2.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.2.1; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.4.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 16986 phpBB auth.php l_privnotify Variable Arbitrary Code Execution; OSVDB ID: 4273 phpBB prefs.php Multiple Parameter SQL Injection; OSVDB ID: 4274 phpBB prefs.php l_statsblock Variable Arbitrary Code Execution; 1.4.1; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 4273 phpBB prefs.php Multiple Parameter SQL Injection; Unknown or Unspecified; OSVDB ID: 15812 phpBB datenbank Module mod.php id Parameter XSS; OSVDB ID: 4297 phpBB viewtopic.php highlight Parameter XSS; 2.0.7; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 1.x; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; 2.0.8a; OSVDB ID: 5931 phpBB Session Table Saturation DoS; 2.0.8; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Parameter XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Parameter XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Parameter XSS; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Parameter SQL Injection; 0.x; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; 2.0; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; 2.0.9; OSVDB ID: 8165 phpBB privmsg.php mode Parameter XSS; OSVDB ID: 8166 phpBB login.php redirect Parameter XSS; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 8164 phpBB search.php search_author Parameter XSS; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; 2.0.10; OSVDB ID: 12162 phpBB Attach Module UPLOAD_DIR Directory Traversal; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; 2.0.11; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14065 phpBB search.php SQL Database Name Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; 2.0.12; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; 2.0.14; OSVDB ID: 15919 phpBB admin_forums.php forumname Parameter XSS; 2.0.17; OSVDB ID: 20387 phpBB usercp_register.php error_msg Parameter XSS; OSVDB ID: 20388 phpBB login.php forward_page Parameter XSS; OSVDB ID: 20389 phpBB search.php list_cat Parameter XSS; OSVDB ID: 20390 phpBB usercp_register.php signature_bbcode_uid Parameter SQL Injection; OSVDB ID: 20391 phpBB usercp_register.php signature_bbcode_uid Variable Arbitrary PHP Code Execution; OSVDB ID: 20386 phpBB GPC Variable Set register_globals Bypass; OSVDB ID: 20397 phpBB Avatar Gallery Unspecified Injection; OSVDB ID: 20413 phpBB Crafted HTTP_SESSION_VARS Variable register_globals Bypass; OSVDB ID: 20414 phpBB register_long_array register_globals Bypass; OSVDB ID: 22270 phpBB topic type SQL Injection; 2.0.18; OSVDB ID: 22162 phpBB HTML Tags in MSIE Arbitrary Script Insertion; OSVDB ID: 22161 phpBB url bbcode in MSIE Arbitrary Script Insertion; OSVDB ID: 21804 phpBB admin_disallow.php setmodules Variable Path Disclosure; OSVDB ID: 21803 phpBB Always Allow HTML Feature XSS; 2.0.19; OSVDB ID: 22672 phpBB Allowed HTML Tags Single Quote XSS; OSVDB ID: 22949 phpBB gen_rand_string() Predictable Random Number Generator (RNG) Weakness; OSVDB ID: 22928 phpBB admin_smilies.php smile_url Parameter XSS; OSVDB ID: 24356 phpBB admin_styles.php Theme Name Field XSS; 3.0.3; OSVDB ID: 50806 phpBB Account Reactivation Security Restriction Bypass; 2.0.15; OSVDB ID: 17613 phpBB viewtopic.php Highlighting Feature Arbitrary PHP Code Execution; 3.0.7-PL1; OSVDB ID: 69399 phpBB includes/message_parser.php [flash=] BBCode XSS; 2.0.16; OSVDB ID: 17888 phpBB Nested url BBCode Tag XSS; 2.0.10; OSVDB ID: 31001 phpBB groupcp.php phpbb_root_path Parameter Remote File Inclusion; 27.9; OSVDB ID: 86466 phpBB admin/admin_db_utilities.php phpbb_root_path Parameter Remote File Inclusion

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.