Phpbb Group Phpbb Advanced Guestbook vulnerabilities
3 known vulnerabilities affecting phpbb_group/phpbb_advanced_guestbook.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-2152P3HIGHCVSS 7.5PoC≤ 2.4.02006-05-03
CVE-2006-2152 [HIGH] CVE-2006-2152: PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and
PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
nvd
CVE-2006-7077P4MEDIUMCVSS 6.8v2.4.02007-03-02
CVE-2006-7077 [MEDIUM] CVE-2006-7077: SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attac
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to execute arbitrary SQl commands via the entry parameter.
nvd
CVE-2006-7076P4MEDIUMCVSS 4.3v2.4.02007-03-02
CVE-2006-7076 [MEDIUM] CVE-2006-7076: Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.
nvd