SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Vendor  >  phpBB Group

Jul 14 2006   phpBB Input Validation Error in 'memberlist.php' Lets Certain Remote Users Inject SQL Commands
Oct 31 2005   phpBB Lets Remote Users Bypass the Global 'Deregistration' Code, Inject SQL Commands, Execute PHP Code, and Conduct Cross-Site Scripting Attacks
Jun 28 2005   phpBB Flaw in 'viewtopic.php' Highlighting Code May Let Remote Users Execute Arbitrary Commands
Jun 3 2005   (Exploit Details Are Provided) phpBB 'bbcode.php' Input Validation Flaw May Let Remote Users Execute Arbitrary Scripting Code
May 9 2005   phpBB 'bbcode.php' Input Validation Flaw May Let Remote Users Execute Arbitrary Scripting Code
Mar 5 2005   phpBB 'oracle.php' Discloses Path to Remote Users
Mar 4 2005   phpBB 'sessions.php' Grants Administrative Access to Remote Authenticated Users
Mar 4 2005   phpBB 'viewtopic.php' Discloses Path to Remote Users
Mar 3 2005   phpBB 'usercp_register.php' Error Lets Remote Users Conduct Cross-Site Scripting Attacks
Mar 1 2005   (Gentoo Issues Fix) phpBB Avatar Functions Let Remote Users View and Delete Files on the Target System
Feb 23 2005   phpBB Avatar Functions Let Remote Users View and Delete Files on the Target System
Dec 21 2004   phpBB viewtopic.php 'highlight' Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
Dec 16 2004   (Additional Exploit Details) phpBB Image Tag Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks Against phpBB Users
Nov 19 2004   phpBB Input Validation Bug in username Lets Remote Users Conduct Cross-Site Scripting Attacks
Jul 20 2004   phpBB Input Validation Holes Permit Cross-Site Scripting and Response Splitting Attacks
Jul 17 2004   phpBB Input Validation Holes in 'index.php' and 'lang_faq.php' Let Remote Users Conduct Cross-Site Scripting Attacks
Apr 19 2004   phpBB 'common.php' Lets Remote Users Spoof IP Addresses
Mar 26 2004   phpBB Input Validation Flaw in 'privmsg.php' Lets Remote Users Inject SQL Commands
Mar 23 2004   phpBB 'profile.php' Input Validation Flaw in 'avatarselect' Permits Cross-Site Scripting Attacks
Mar 22 2004   phpBB Input Validation Flaws in 'admin_smilies.php' and 'admin_styles.php' Let Remote Authenticated Administrators Inject SQL
Mar 14 2004   phpBB 'search'php' show_results Parameter Lets Remote Users Inject SQL Commands
Mar 13 2004   phpBB Input Validation Flaw in 'topicdays' Variable Lets Remote Users Conduct Cross-Site Scripting Attacks
Mar 3 2004   (Vendor Issues Fix) phpBB Input Validation Flaw in 'viewtopic.php' 'postorder' Variable Lets Remote Users Conduct Cross-Site Scripting Attacks
Feb 28 2004   phpBB Input Validation Flaw in 'viewtopic.php' 'postorder' Variable Lets Remote Users Conduct Cross-Site Scripting Attacks
Dec 29 2003   phpBB Input Validation Flaw in 'groupcp.php' Permits Moderators to Inject SQL Commands
Nov 27 2003   phpBB Input Validation Flaw in 'search_id' Permits SQL Injection and Yields Administrative Access
Nov 8 2003   phpBB Input Validation Flaw in 'profile.php' Lets Remote Users Inject SQL Commands
Sep 15 2003   phpBB Smiley Panel Input Validation Flaw Permits Remote Cross-Site Scripting
Sep 9 2003   phpBB Input Filtering Flaw in BBCode '[URL]' Tag Permits Remote Cross-Site Scripting Attacks
Jun 20 2003   phpBB SQL Injection Flaw in 'viewtopic.php' Discloses Password Hashes to Remote Users
Feb 24 2003   phpBB SQL Injection Flaw Lets Remote Users Gain Administrative Access
Jan 17 2003   phpBB Input Validation Flaw Lets Remote Authenticated Users Inject SQL Commands to Delete Private Messages on the System
Nov 26 2002   phpBB2 Input Validation Flaw Lets Remote Users Insert Scripting Code into Certain HTML Tags to Conduct Cross-Site Scripting Attacks
Oct 29 2002   phpBB Forum Bug in 'admin_ug_auth.php' Lets Remote Authenticated Users Gain Administrative Privileges on the Forum
Oct 10 2002   phpBB Bulletin Board Avatars Disclose User IP Addresses to Remote Users
Jul 28 2002   phpBB Bulletin Board 'Gender Mod' Profile Modification Input Validation Flaw Lets Remote Authenticated Users Gain Administrative Privileges on the Bulletin Board
Jun 18 2002   phpBB Input Validation Error in 'install.php' Lets Remote Users Execute Arbitrary PHP Code and System Commands on the Server
May 31 2002   phpBB Image Tag Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks Against phpBB Users
Apr 4 2002   phpBB Forum May Let Remote Users Corrupt the phpBB Database Using Malicious 'BBcode'
Mar 19 2002   (Fix is Available) Re: phpBB Relative Include Path Bug Lets Remote Users Execute Arbitrary PHP on the Server
Mar 18 2002   phpBB Relative Include Path Bug Lets Remote Users Execute Arbitrary PHP on the Server
Oct 29 2001   phpBB Bulletin Board Fails to Filter HTML Image Tags, Allowing Cross Site Scripting Attacks
Oct 11 2001   phpBB String Processing Bug Lets Remote Users Submit SQL Queries to the Database
Aug 11 2001   (Vendor Releases Fix and Notes of a Similar Flaw in the Vulnerable Version) Re: phpBB Bulletin Board prefs.php Input Validation Flaw Lets Remote Users Execute Arbitrary Code on the Server
Aug 11 2001   phpBB Bulletin Board prefs.php Input Validation Flaw Lets Remote Users Execute Arbitrary Code on the Server
Aug 8 2001   phpBB Bulletin Board bb_profile.php Bug Lets Remote Users Obtain Administrative Access to the Bulletin Board
Aug 4 2001   (3rd Party Fix is Available) Re: phpBB Bulletin Board Lets Remote Users Obtain Administrative Access
Aug 4 2001   phpBB Bulletin Board Lets Remote Users Obtain Administrative Access







Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC