CRITICAL9.8CVE-2010-1630phpBB vulnerability related to use of "forum id" in circumstances related to a "global announcement." from 0, < 3.0.5
from 0, < 3.1.7-PL1
HIGH7.5phpBB arbitrary CSS injection
>= 3.2.7, < 3.2.8
HIGH7.5phpBB Denial of Service
from 0, < 3.2.6
HIGH7.5phpBB vulnerable to sensitive information disclosure
from 0, < 3.0.4
HIGH7.5phpBB Server-Side Request Forgery (SSRF)
>= 3.2.0, < 3.2.1
HIGH7.2phpBB Remote Code Execution
from 0, < 3.2.4
MEDIUM6.5phpBB allows CSRF
from 0, < 3.2.9
MEDIUM6.5phpBB Cross-Site Request Forgery (CSRF)
from 0, < 3.2.8
MEDIUM6.1phpBB Open Redirect
from 0, < 3.0.14
MEDIUM5.8phpBB Server-Side Request Forgery Vulnerability
>= 3.2.0, < 3.2.10
MEDIUM5.8phpBB Server side request forgery (SSRF)
from 0, < 3.2.6
MEDIUM4.3phpBB Cross-Site Request Forgery (CSRF)
>= 3.2.7, < 3.2.8
MEDIUM4.3phpBB Cross-Site Request Forgery (CSRF)
>= 3.2.8, < 3.2.9
LOW2.4phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting
from 0, < 3.3.11