Page 9 of 75 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 0

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory. • http://marc.info/?l=bugtraq&m=111299353030534&w=2 http://securitytracker.com/id?1013671 http://www.defacers.com.mx/advisories/2.txt •

CVSS: 4.3EPSS: 87%CPEs: 1EXPL: 3

Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter. • https://www.exploit-db.com/exploits/25270 http://marc.info/?l=bugtraq&m=111168190630576&w=2 http://secunia.com/advisories/14659 http://securitytracker.com/id?1013554 https://exchange.xforce.ibmcloud.com/vulnerabilities/19821 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS server, allows remote attackers to obtain sensitive information via invalid parameters, which reveal the path in an error message. • http://marc.info/?l=bugtraq&m=111168190630576&w=2 http://secunia.com/advisories/14659 http://securitytracker.com/id?1013554 https://exchange.xforce.ibmcloud.com/vulnerabilities/19824 •

CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 2

phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message. • http://marc.info/?l=bugtraq&m=110996579900134&w=2 http://neosecurityteam.net/Advisories/Advisory-09.txt http://neosecurityteam.tk/index.php?pagina=advisories&id=9 http://securitytracker.com/id?1013377 •

CVSS: 7.5EPSS: 4%CPEs: 29EXPL: 3

sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie. • https://www.exploit-db.com/exploits/897 https://www.exploit-db.com/exploits/871 https://www.exploit-db.com/exploits/889 http://marc.info/?l=bugtraq&m=110970201920206&w=2 http://marc.info/?l=bugtraq&m=110999268130739&w=2 http://secunia.com/advisories/14413 http://www.phpbb.com/phpBB/viewtopic.php?t=267563 •