Page 27 of 179 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter. • https://www.exploit-db.com/exploits/25451 http://marc.info/?l=bugtraq&m=111384185116335&w=2 •

CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt http://www.securityfocus.com/bid/13157 http://www.securityfocus.com/bid/13158 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt •

CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1

Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt http://www.osvdb.org/15931 http://www.securityfocus.com/bid/13155 https://exchange.xforce.ibmcloud.com/vulnerabilities/20086 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) the c parameter to index.php, or (7) the article parameter to portal.php. • http://marc.info/?l=bugtraq&m=111343406309969&w=2 http://www.digitalparadox.org/advisories/phpbbp.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/20085 •