CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0CVE-2008-6506
https://notcve.org/view.php?id=CVE-2008-6506
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors. Vulnerabilidad no espécificada en phpBB anteriores a v3.0.4 permite a atacantes saltarse las restricciones de seguridad y activar cuentas desactivadas, a través de vectores desconocidos. • http://secunia.com/advisories/33166 http://www.openwall.com/lists/oss-security/2009/02/06/2 http://www.osvdb.org/50806 http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565 http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303 http://www.securityfocus.com/bid/32842 https://exchange.xforce.ibmcloud.com/vulnerabilities/47370 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2008-3224
https://notcve.org/view.php?id=CVE-2008-3224
Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()." Vulnerabilidad sin especificar en phpBB 3.0.1 tiene un impacto desconocido y vectores de ataque relacionados con "URLs a las que se accede a través de redirect() dentro de login_box ()". • http://www.openwall.com/lists/oss-security/2008/07/12/1 http://www.phpbb.com/community/viewtopic.php?f=14&t=1059565&sid=2d3a6352a484588e1ad80f09dd19fe33 https://exchange.xforce.ibmcloud.com/vulnerabilities/44208 •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2008-1766
https://notcve.org/view.php?id=CVE-2008-1766
Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs." Múltiples vulnerabilidades no especificadas en phpBB anterior a 3.0.1 tienen un impacto desconocido y vectores de ataque, referidos a " dos errores menores relacionados con la seguridad" • http://www.phpbb.com/community/viewtopic.php?f=14&t=879735 http://www.vupen.com/english/advisories/2008/1236/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41886 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-1305 – phpBB Mod FileBase 2.0 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1305
SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en filebase.php en el módulo Filebase para phpBB permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • https://www.exploit-db.com/exploits/5236 http://www.securityfocus.com/bid/28194 https://exchange.xforce.ibmcloud.com/vulnerabilities/41137 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2007-4984 – phpBB Mod Ktauber.com StylesDemo - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2007-4984
SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter. Una vulnerabilidad de inyección SQL en el archivo index.php en Ktauber.com StylesDemo mod para phpBB versiones 2.0.xx, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio del parámetro s. • https://www.exploit-db.com/exploits/4425 http://osvdb.org/38264 http://www.securityfocus.com/bid/25710 https://exchange.xforce.ibmcloud.com/vulnerabilities/36689 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •