CVE-2004-1809
Description
Cross-site scripting vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via unsanitized parameters in viewtopic.php and viewforum.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via unsanitized parameters in viewtopic.php and viewforum.php.
Vulnerability
A cross-site scripting (XSS) vulnerability exists in phpBB versions 2.0.6d and earlier. The postdays parameter in viewtopic.php and the topicdays parameter in viewforum.php are not properly sanitized before being reflected in output. An attacker can inject arbitrary HTML or JavaScript by crafting a URL with a malicious payload in these parameters. The vulnerability is triggered when the query returns results, requiring valid forum or topic IDs and appropriate day values. [2]
Exploitation
An unauthenticated remote attacker can exploit this vulnerability by crafting a malicious URL containing the XSS payload in either the postdays or topicdays parameter. The attacker must convince a victim to click the link (e.g., via email or social engineering). No special network position or authentication is required. Example URLs: viewforum.php?f=1&topicdays=1">&start=0 or viewtopic.php?t=10&postdays=1">&start=0. [2]
Impact
Successful exploitation allows the attacker to execute arbitrary HTML or JavaScript in the victim's browser within the context of the vulnerable phpBB application. This can lead to cookie theft, session hijacking, site defacement, or redirection to malicious sites. The attacker does not gain elevated privileges on the server but can impersonate the victim user. [1][2]
Mitigation
The vendor released a fix in subsequent versions (e.g., phpBB 2.0.7 or later). Users should upgrade to a patched version. As a workaround, administrators can sanitize the postdays and topicdays parameters manually, for example by stripping HTML tags or encoding special characters. This CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. [1]
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
14cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.6c:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0.6d:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb_group:phpbb:2.0_rc4:*:*:*:*:*:*:*
- (no CPE)range: <=2.0.6d
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8News mentions
0No linked articles in our index yet.