RSS   Vulnerabilities for 'Phpbb xs'   RSS

2007-09-21
 
CVE-2007-5033

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profile_info editprofile action.

 
2006-09-29
 
CVE-2006-5094

CWE-Other
 

 
PHP remote file inclusion vulnerability in includes/functions_kb.php in the phpBB XS 2 (Spain version) allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893.

 
2006-09-19
 
CVE-2006-4893

CWE-Other
 

 
PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780.

 


Copyright 2024, cxsecurity.com

 

Back to Top