https://download.phpbb.com|phpbb vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://download.phpbb.com|phpbb package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Request Forgery (CSRF)	[0,)
M Information Exposure	[,2.0.23]
M CVE-2005-4358	[,2.0.18]
M Open Redirect	[2.0.6d,2.0.9]
M Cross-site Scripting (XSS)	[,2.0.16]
M Cross-site Scripting (XSS)	[0,)
M Server-side Request Forgery (SSRF)	[,3.2.6)
M Access Restriction Bypass	[,2.0.21]
M Cross-site Scripting (XSS)	[2.0.6d,2.0.21]
L Cross-site Scripting (XSS)	[,2.0.18]
H Arbitrary Code Execution	[,2.0.15]
M Cross-site Scripting (XSS)	[,2.0.19]
M Cross-site Scripting (XSS)	[,2.0.13]
M Arbitrary Code Execution	[2.0.6d,2.0.11]
M Cross-site Scripting (XSS)	[2.0.6d,2.0.17]
M Authentication Bypass	[2.0.6d,2.0.8]
M Information Exposure	[,3.0.4)
M Improper Input Validation	[,2.0.18)
M Information Exposure	[2.0.6d,2.0.13]
H Arbitrary Code Execution	[rc1_pre,2.0.10]
M CVE-2006-4450	[,2.0.20]
M Cross-site Scripting (XSS)	[2.0.0,2.0.14]
M Cross-site Scripting (XSS)	[2.0_rc4,2.0.6]
M Arbitrary Code Execution	[,2.0.21]
M Cross-site Scripting (XSS)	[,3.0.13)
M Cross-site Scripting (XSS)	[2.0.8a,2.0.8]
H Arbitrary Code Execution	[2.0.6d,2.0.21]
H Improper Input Validation	[,3.2.6)
M Access Restriction Bypass	[,3.0.4)
M Cross-site Scripting (XSS)	[,2.0.6]
H Denial of Service (DoS)	[2.0.6d,2.0.17]
L Cross-site Scripting (XSS)	[,2.0.17]
M Information Exposure	[2.0,2.0.3]
M Cross-site Scripting (XSS)	[,2.0.3]
H Server-side Request Forgery (SSRF)	[,3.2.0]
M Server-side Request Forgery (SSRF)	[,3.2.10)[3.3.0,3.3.1)
M Cross-site Scripting (XSS)	[,2.0.19]
M Cross-site Scripting (XSS)	[,2.0.19]
M Access Restriction Bypass	[2.0.6d,2.0.19]
M Denial of Service (DoS)	[2.0.6d,2.0.19]
H Arbitrary Code Execution	[2.0.6d,2.0.8]
M Access Restriction Bypass	[,3.0.7)
M Cross-site Scripting (XSS)	[3.0.0,3.0.7)
M Improper Input Validation	[2.0.6d,2.0.19]
H SQL Injection	[1.0.0,2.0.6]
C Open Redirect	[,3.0.2)
H SQL Injection	[0,)
M Remote Code Execution (RCE)	[0,)
H SQL Injection	[0,)
M Information Exposure	[2.0.8a,2.0.8]
H CVE-2010-1630	[,3.0.5)
H Arbitrary Code Execution	[2.0.6d,2.0.14]
C SQL Injection	[2.0.0,2.0.1]
H SQL Injection	[,2.0.3]
H Cross-site Request Forgery (CSRF)	[,3.1.8)
H Access Restriction Bypass	[2.0.6d,2.0.17]
H SQL Injection	[2.0.6d,2.0.13]
M Cross-site Request Forgery (CSRF)	[0,)
M Cross-site Request Forgery (CSRF)	[,2.0.22]
C CVE-2006-6841	[,2.0.22)
H CVE-2005-0614	[2.0.6d,2.0.12]
M Cross-site Scripting (XSS)	[2.0.6d,2.0.13]
M Cross-site Request Forgery (CSRF)	[0,)
M Information Exposure	[2.0.6d,2.0.11]
M Arbitrary Code Execution	[,2.0.9]
H Cross-site Scripting (XSS)	[2.0_beta1,2.0.0]
H Remote Code Execution (RCE)	[0,)
M Cross-site Scripting (XSS)	[2.0.6d,2.0.19]
M Arbitrary Code Execution	[,2.0.3)
M Access Restriction Bypass	[1.0.0,2.0.6]
M Information Exposure	[,2.0.18]
H Arbitrary Code Execution	[2.0.6d,2.0.17]
M Directory Traversal	[2.0.6d,2.0.11]
M Improper Input Validation	[,2.0.20]
M Open Redirect	[,3.1.0)
C CVE-2002-1537	[,2.0.0]
H Arbitrary Code Execution	[,2.0.11)
H SQL Injection	[,2.0.18)
C Open Redirect	[,2.0.22)
C CVE-2006-6840	[,2.0.22)
M Improper Input Validation	[,2.0.20]
M Arbitrary Code Execution	[2.0_rc1,2.0.1]
M Cross-site Scripting (XSS)	[2.0.6d,2.0.6]
H Arbitrary Code Execution	[2.0.6d,2.0.17]
H Arbitrary Code Execution	[,2.0.15)
H Improper Input Validation	[,3.2.4)
H SQL Injection	[1.0.0,2.0.6]
M Cross-site Scripting (XSS)	[2.0.6d,2.0.9]
H CVE-2005-3415	[2.0.6d,2.0.17]
M Cross-site Scripting (XSS)	[,2.0.3]
H SQL Injection	[2.0.0,2.0.2]
H SQL Injection	[0,)
H SQL Injection	[0,)
M Cross-site Request Forgery (CSRF)	[,3.0.13)

Vulnerability

Vulnerable Version

Cross-site Request Forgery (CSRF)

[0,)

Information Exposure

[,2.0.23]

CVE-2005-4358

[,2.0.18]

Open Redirect

[2.0.6d,2.0.9]

Cross-site Scripting (XSS)

[,2.0.16]