OSVDB: The Open Source Vulnerability Database

phpBB Group

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	[None Entered]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

phpBB Group

phpBB Group

Advanced Quick Reply Mod: Unknown or Unspecified; OSVDB ID: 4299 phpBB quick_reply.php SQL Injection

phpBB2 Plus: 1.52; OSVDB ID: 15927 phpBB2 Plus portal.php Multiple Variable XSS; OSVDB ID: 15929 phpBB2 Plus viewtopic.php bsid Variable XSS; OSVDB ID: 15928 phpBB2 Plus viewforum.php bsid Variable XSS; OSVDB ID: 15926 phpBB2 Plus index.php Multiple Variable XSS; OSVDB ID: 15925 phpBB2 Plus groupcp.php bsid Variable XSS; OSVDB ID: 15930 phpBB2 Plus Calendar Module calendar_scheduler.php start Variable XSS

Personal Notes Mod: 1.4.7; OSVDB ID: 15899 phpBB Personal Notes Module posting_notes.php p Variable SQL Injection

Gender Mod: 1.1.3; OSVDB ID: 4279 phpBB Gender Mod profile.php gender Variable SQL Injection

phpBB: 2.0.4; OSVDB ID: 2145 phpBB JavaScript Message Content XSS; OSVDB ID: 2186 phpBB viewtopic.php topic_id Variable SQL Injection; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.5; OSVDB ID: 2145 phpBB JavaScript Message Content XSS; OSVDB ID: 2186 phpBB viewtopic.php topic_id Variable SQL Injection; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4270 phpBB profile.php u Variable SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.0; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 4284 phpBB admin_ug_auth.php Form Field Manipulation; OSVDB ID: 4296 phpBB Crafted IMG BBCode Tag XSS; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; 2.0.1; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 4280 phpBB install.php phpbb_root_dir Remote File Inclusion; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.2; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 4298 phpBB page_header.php select Query SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.3; OSVDB ID: 2193 phpBB viewtopic.php topic_id Variable XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4267 phpBB Avatar File IP Address Disclosure; OSVDB ID: 4278 phpBB admin_styles.php Arbitrary Command Execution; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 4277 phpBB privmsg.php mode Variable SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.6; OSVDB ID: 2532 phpBB URL BBCode Tag XSS; OSVDB ID: 3302 phpBB groupcp.php sql_in Variable SQL Injection; OSVDB ID: 4275 phpBB privmsg.php mode Variable XSS; OSVDB ID: 4276 phpBB groupcp.php mode Variable XSS; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.6c; OSVDB ID: 4256 phpBB viewtopic.php postorder Variable XSS; 2.0.6d; OSVDB ID: 4258 phpBB search.php search_results Variable SQL Injection; OSVDB ID: 4471 phpBB profile.php avitarselect Variable XSS; OSVDB ID: 4259 phpBB viewtopic.php postdays Variable XSS; OSVDB ID: 4257 phpBB viewforum.php topicdays Variable XSS; 2.0 RC3; OSVDB ID: 4268 phpBB db.php Arbitrary Command Execution; 1.4.2; OSVDB ID: 4269 phpBB Message Edit IMG BBCode Tag XSS; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.4.4; OSVDB ID: 4269 phpBB Message Edit IMG BBCode Tag XSS; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.0.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 22818 phpBB Rlink Module rlink.php url Variable XSS; 1.2.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.2.1; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; 1.4.0; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 4273 phpBB prefs.php Multiple Variable SQL Injection; OSVDB ID: 4274 phpBB prefs.php l_statsblock Variable Arbitrary Code Execution; OSVDB ID: 16986 phpBB auth.php l_privnotify Variable Arbitrary Code Execution; 1.4.1; OSVDB ID: 4271 phpBB functions.php Database Corruption DoS; OSVDB ID: 4272 phpBB functions.php CPU Consumption DoS; OSVDB ID: 4273 phpBB prefs.php Multiple Variable SQL Injection; Unknown or Unspecified; OSVDB ID: 15812 phpBB datenbank Module mod.php id Variable XSS; OSVDB ID: 4297 phpBB viewtopic.php highlight Variable XSS; 2.0.7; OSVDB ID: 4644 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 1.x; OSVDB ID: 5931 phpBB Session Table Saturation DoS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.8a; OSVDB ID: 5931 phpBB Session Table Saturation DoS; 2.0.8; OSVDB ID: 7809 phpBB privmsg.php pm_sql_user Variable SQL Injection; OSVDB ID: 7808 phpBB index.php category_rows Variable Path Disclosure; OSVDB ID: 7810 phpBB index.php category_rows Variable XSS; OSVDB ID: 7811 phpBB sessions.php Session ID Injection; OSVDB ID: 7813 phpBB viewtopic.php Session ID Injection; OSVDB ID: 7815 phpBB common.php IP Spoofing Access Bypass; OSVDB ID: 7812 phpBB Linked Avatar Injection; OSVDB ID: 7814 phpBB admin_board.php config_name Injection; OSVDB ID: 7944 phpBB lang_faq.php faq Variable Path Disclosure; OSVDB ID: 7945 phpBB lang_bbcode.php Path Disclosure; OSVDB ID: 7946 phpBB usercp_viewprofile.php ranksrow Variable Path Disclosure; OSVDB ID: 7947 phpBB lang_faq.php faq Variable XSS; OSVDB ID: 7948 phpBB lang_bbcode.php faq Variable XSS; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 0.x; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.9; OSVDB ID: 8165 phpBB privmsg.php mode Variable XSS; OSVDB ID: 8166 phpBB login.php redirect Variable XSS; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; OSVDB ID: 8164 phpBB search.php search_author Variable XSS; 2.0.10; OSVDB ID: 12162 phpBB Attach Module UPLOAD_DIR Directory Traversal; OSVDB ID: 11719 phpBB viewtopic.php highlight Parameter SQL Injection; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; OSVDB ID: 11961 phpBB username Handling XSS; OSVDB ID: 11962 phpBB username Handling SQL Injection; 2.0.11; OSVDB ID: 14038 phpBB Critical Message Path Disclosure; OSVDB ID: 14039 phpBB functions.php Username Handling Path Disclosure; OSVDB ID: 14040 phpBB Avatar Upload Arbitrary File Access; OSVDB ID: 14041 phpBB Avatar Select Arbitrary File Deletion; OSVDB ID: 14042 phpBB search.php Path Disclosure; OSVDB ID: 14065 phpBB search.php SQL Database Name Disclosure; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; 2.0.12; OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure; OSVDB ID: 14242 phpBB sessions.php autologinid Remote Privilege Escalation; 2.0.14; OSVDB ID: 15919 phpBB admin_forums.php forumname Variable XSS; 2.0.17; OSVDB ID: 20387 phpBB usercp_register.php error_msg Variable XSS; OSVDB ID: 20388 phpBB login.php forward_page Variable XSS; OSVDB ID: 20389 phpBB search.php list_cat Variable XSS; OSVDB ID: 20390 phpBB usercp_register.php signature_bbcode_uid Variable SQL Injection; OSVDB ID: 20391 phpBB usercp_register.php signature_bbcode_uid Variable Arbitrary PHP Code Execution; OSVDB ID: 20386 phpBB GPC Variable Set register_globals Bypass; OSVDB ID: 20397 phpBB Avatar Gallery Unspecified Injection; OSVDB ID: 20413 phpBB Crafted HTTP_SESSION_VARS Variable register_globals Bypass; OSVDB ID: 20414 phpBB register_long_array register_globals Bypass; OSVDB ID: 22270 phpBB topic type SQL Injection; 2.0.18; OSVDB ID: 21804 phpBB admin_disallow.php setmodules Variable Path Disclosure; OSVDB ID: 22162 phpBB HTML Tags in MSIE Arbitrary Script Insertion; OSVDB ID: 22161 phpBB url bbcode in MSIE Arbitr