Page 8 of 57 results (0.003 seconds)

CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 0

phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but not the GPC variable. • http://marc.info/?l=bugtraq&m=113081113317600&w=2 http://secunia.com/advisories/17366 http://secunia.com/advisories/18098 http://securityreason.com/securityalert/130 http://securitytracker.com/id?1015121 http://www.debian.org/security/2005/dsa-925 http://www.hardened-php.net/advisory_172005.75.html http://www.osvdb.org/20386 http://www.securityfocus.com/bid/15243 https://exchange.xforce.ibmcloud.com/vulnerabilities/22914 •

CVSS: 4.3EPSS: 0%CPEs: 27EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as variables. • http://marc.info/?l=bugtraq&m=113081113317600&w=2 http://secunia.com/advisories/17366 http://secunia.com/advisories/18098 http://securityreason.com/securityalert/130 http://securitytracker.com/id?1015121 http://www.debian.org/security/2005/dsa-925 http://www.hardened-php.net/advisory_172005.75.html http://www.osvdb.org/20387 http://www.osvdb.org/20388 http://www.osvdb.org/20389 http://www.securityfocus.com/bid/15243 http://www.vupen.com/english/advisories/2005 •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables. • http://marc.info/?l=bugtraq&m=113081113317600&w=2 http://secunia.com/advisories/17366 http://secunia.com/advisories/18098 http://securityreason.com/securityalert/130 http://securitytracker.com/id?1015121 http://www.debian.org/security/2005/dsa-925 http://www.hardened-php.net/advisory_172005.75.html http://www.osvdb.org/20414 http://www.securityfocus.com/bid/15243 •

CVSS: 7.5EPSS: 6%CPEs: 24EXPL: 1

The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag. • https://www.exploit-db.com/exploits/25628 http://castlecops.com/t123194-.html http://marc.info/?l=full-disclosure&m=111552510000088&w=2 http://seclists.org/lists/bugtraq/2005/May/0098.html http://secunia.com/advisories/15298 http://securitytracker.com/id?1013918 http://securitytracker.com/id?1014117 http://www.kb.cert.org/vuls/id/113196 http://www.osvdb.org/16439 http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194 http://www.securityfocus.com/bid/13545&# •

CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 0

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory. • http://marc.info/?l=bugtraq&m=111299353030534&w=2 http://securitytracker.com/id?1013671 http://www.defacers.com.mx/advisories/2.txt •