| Max CVSS | 10.0 | Min CVSS | 6.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-6421 | 6.0 |
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
|
17-10-2018 - 21:48 | 10-12-2006 - 11:28 | |
| CVE-2006-6839 | 10.0 |
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
|
05-09-2008 - 21:15 | 31-12-2006 - 05:00 | |
| CVE-2006-6840 | 10.0 |
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
|
05-09-2008 - 21:15 | 31-12-2006 - 05:00 | |
| CVE-2006-6841 | 10.0 |
Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
|
05-09-2008 - 21:15 | 31-12-2006 - 05:00 |