Page 22 of 151 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt http://www.securityfocus.com/bid/13157 http://www.securityfocus.com/bid/13158 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt •

CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1

Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt http://www.osvdb.org/15931 http://www.securityfocus.com/bid/13155 https://exchange.xforce.ibmcloud.com/vulnerabilities/20086 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) the c parameter to index.php, or (7) the article parameter to portal.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/20085 •

CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 0

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory. • http://marc.info/?l=bugtraq&m=111299353030534&w=2 http://securitytracker.com/id?1013671 http://www.defacers.com.mx/advisories/2.txt •