NotCVE - vendor:"Phpbb Group" product:"Phpbb" version:" <= 2.0.10"

Page 16 of 81 results (0.005 seconds)

CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 2

CVE-2002-0902 – PHPBB2 - Image Tag HTML Injection

https://notcve.org/view.php?id=CVE-2002-0902

Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script. Vulnerabilidad de secuencias de comandos en sitios cruzados en phpBB 2.0.0 (phpBB) permite a atacantes remotos ejecutar Javascript como otros usuarios de phpBB incluyendo http:// y comillas dobles ("") en una etiquieta IMG, lo que evade la comprobación de seguridad de phpBB, termina el parámetro src de la etiqueta HTML IMG, e injecta la secuencia de comandos. • https://www.exploit-db.com/exploits/21486 http://online.securityfocus.com/archive/1/274273 http://www.iss.net/security_center/static/9178.php http://www.securityfocus.com/bid/4858 •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0

CVE-2002-0533

https://notcve.org/view.php?id=CVE-2002-0533

phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0005.html http://marc.info/?l=bugtraq&m=101794993119738&w=2 http://online.securityfocus.com/archive/1/265798 http://www.iss.net/security_center/static/8764.php http://www.securityfocus.com/bid/4432 http://www.securityfocus.com/bid/4434 •

CVSS: 5.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2002-0475

https://notcve.org/view.php?id=CVE-2002-0475

Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message. • http://www.iss.net/security_center/static/7459.php http://www.securiteam.com/unixfocus/6W00Q202UM.html http://www.securityfocus.com/bid/4379 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2001-1482

https://notcve.org/view.php?id=CVE-2001-1482

SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable. • http://www.securityfocus.com/archive/1/219178 http://www.securityfocus.com/bid/3411 https://exchange.xforce.ibmcloud.com/vulnerabilities/7253 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 3

CVE-2001-1472 – phpBB 1.4 - SQL Query Manipulation

https://notcve.org/view.php?id=CVE-2001-1472

SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter. • https://www.exploit-db.com/exploits/21046 http://www.kb.cert.org/vuls/id/314347 http://www.securityfocus.com/archive/1/201715 http://www.securityfocus.com/bid/3142 https://exchange.xforce.ibmcloud.com/vulnerabilities/6944 •

1...14 15 16 17