Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6850) CVE-2008-6850 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6043) CVE-2012-6043 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1804) CVE-2013-1804 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8375) CVE-2015-8375 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12438) CVE-2020-12438 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12706) CVE-2020-12706 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12708) CVE-2020-12708 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12718) CVE-2020-12718 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15041) CVE-2020-15041 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17449) CVE-2020-17449 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17450) CVE-2020-17450 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23179) CVE-2020-23179 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23181) CVE-2020-23181 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23184) CVE-2020-23184 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23185) CVE-2020-23185 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23658) CVE-2020-23658 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23702) CVE-2020-23702 CWE-707 CWE-707 Medium PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1918) CVE-2008-1918 CWE-138 CWE-138 Medium PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5335) CVE-2008-5335 CWE-138 CWE-138 Medium PHP-Fusion Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1807) CVE-2013-1807 CWE-264 CWE-264 Medium PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182) CVE-2020-23182 CWE-601 CWE-601 Medium PHP4 IMAP module buffer overflow vulnerability CWE-119 CWE-119 Medium PHP 4.3.0 file disclosure and possible code execution CVE-2003-0097 CWE-20 CWE-20 Medium PHP Address Book Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1912) CVE-2012-1912 CWE-707 CWE-707 Medium PHP Address Book Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2903) CVE-2012-2903 CWE-707 CWE-707 Medium PHP Address Book Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1749) CVE-2013-1749 CWE-707 CWE-707 Medium PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2608) CVE-2009-2608 CWE-138 CWE-138 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0471) CVE-2008-0471 CWE-352 CWE-352 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1432) CVE-2015-1432 CWE-352 CWE-352 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13376) CVE-2019-13376 CWE-352 CWE-352 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16107) CVE-2019-16107 CWE-352 CWE-352 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5501) CVE-2020-5501 CWE-352 CWE-352 Medium phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5502) CVE-2020-5502 CWE-352 CWE-352 Medium phpBB CVE-2008-4125 Vulnerability (CVE-2008-4125) CVE-2008-4125 Medium phpBB CVE-2008-6507 Vulnerability (CVE-2008-6507) CVE-2008-6507 Medium phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-2346) CVE-2002-2346 CWE-200 CWE-200 Medium phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7143) CVE-2008-7143 CWE-200 CWE-200 Medium phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5173) CVE-2007-5173 CWE-94 CWE-94 Medium phpBB Improper Input Validation Vulnerability (CVE-2006-2220) CVE-2006-2220 CWE-20 CWE-20 Medium phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-2255) CVE-2002-2255 CWE-707 CWE-707 Medium phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0544) CVE-2011-0544 CWE-707 CWE-707 Medium phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1431) CVE-2015-1431 CWE-707 CWE-707 Medium phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5917) CVE-2023-5917 CWE-707 CWE-707 Medium phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6506) CVE-2008-6506 CWE-264 CWE-264 Medium phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1627) CVE-2010-1627 CWE-264 CWE-264 Medium phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-11767) CVE-2019-11767 CWE-918 CWE-918 Medium phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-8226) CVE-2020-8226 CWE-918 CWE-918 Medium phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880) CVE-2015-3880 CWE-601 CWE-601 Medium PHP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2006-5178) CVE-2006-5178 CWE-362 CWE-362 Medium PHP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2011-0753) CVE-2011-0753 CWE-362 CWE-362 Medium PHP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-8878) CVE-2015-8878 CWE-362 CWE-362 Medium PHP Console addon enabled CWE-200 CWE-200 Medium PHP Cryptographic Issues Vulnerability (CVE-2010-1128) CVE-2010-1128 Medium PHP Cryptographic Issues Vulnerability (CVE-2011-2483) CVE-2011-2483 Medium PHP Cryptographic Issues Vulnerability (CVE-2011-3189) CVE-2011-3189 Medium PHP Cryptographic Issues Vulnerability (CVE-2012-2143) CVE-2012-2143 Medium PHP curl_exec() url is controlled by user CVE-2009-0037 CWE-352 CWE-352 Medium PHP CVE-2007-4670 Vulnerability (CVE-2007-4670) CVE-2007-4670 Medium PHP CVE-2007-5898 Vulnerability (CVE-2007-5898) CVE-2007-5898 Medium PHP CVE-2011-1467 Vulnerability (CVE-2011-1467) CVE-2011-1467 Medium PHP CVE-2011-1469 Vulnerability (CVE-2011-1469) CVE-2011-1469 Medium PHP CVE-2013-7345 Vulnerability (CVE-2013-7345) CVE-2013-7345 Medium PHP CVE-2014-3479 Vulnerability (CVE-2014-3479) CVE-2014-3479 Medium PHP CVE-2022-31629 Vulnerability (CVE-2022-31629) CVE-2022-31629 Medium PHP Debug Bar enabled CWE-200 CWE-200 Medium PHP Deserialization of Untrusted Data Vulnerability (CVE-2007-1701) CVE-2007-1701 CWE-502 CWE-502 Medium PHP enable_dl enabled CWE-470 CWE-470 Medium PHP errors enabled CWE-209 CWE-209 Medium PHP eval() used on user input CWE-95 CWE-95 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-2748) CVE-2007-2748 CWE-200 CWE-200 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5899) CVE-2007-5899 CWE-200 CWE-200 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5498) CVE-2008-5498 CWE-200 CWE-200 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1860) CVE-2010-1860 CWE-200 CWE-200 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1862) CVE-2010-1862 CWE-200 CWE-200 Medium PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1864) CVE-2010-1864 CWE-200 CWE-200 Medium 1...74757677...107 75 / 107
