Toplist
by PhpBB
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2151 | 0.04 | — | 0.11 | May 3, 2006 | PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter. | |||
| CVE-2019-20377 | 0.00 | — | 0.01 | Jan 11, 2020 | TopList before 2019-09-03 allows XSS via a title. | |||
| CVE-2006-6459 | 0.00 | — | 0.01 | Dec 11, 2006 | Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote attackers to inject arbitrary HTML or web script via the (1) Name and (2) Information fields when adding a new site (toplistnew action). | |||
| CVE-2006-2150 | 0.00 | — | 0.02 | May 3, 2006 | PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows remote attackers to include arbitrary files via the returnpath parameter. |
- CVE-2006-2151May 3, 2006risk 0.04cvss —epss 0.11
PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
- CVE-2019-20377Jan 11, 2020risk 0.00cvss —epss 0.01
TopList before 2019-09-03 allows XSS via a title.
- CVE-2006-6459Dec 11, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote attackers to inject arbitrary HTML or web script via the (1) Name and (2) Information fields when adding a new site (toplistnew action).
- CVE-2006-2150May 3, 2006risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows remote attackers to include arbitrary files via the returnpath parameter.