FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  507033
Date:      2019-07-21
Time:      03:55:06Z
Committer: acm

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
28c9243a-72ed-11da-8c1d-000e0c2e438aphpbb -- multiple vulnerabilities

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to:

  • script insertion,
  • bypassing of protetion mechanisms,
  • multiple cross site scripting vulnerabilities,
  • SQL injection,
  • arbitrary code execution

Discovery 2005-10-24
Entry 2006-02-16
phpbb
zh-phpbb-tw
lt 2.0.18

15170
15243
CVE-2005-3310
CVE-2005-3415
CVE-2005-3416
CVE-2005-3417
CVE-2005-3418
CVE-2005-3419
CVE-2005-3420
CVE-2005-3536
CVE-2005-3537
http://marc.theaimsgroup.com/?l=bugtraq&m=113017003617987
http://www.hardened-php.net/advisory_172005.75.html
86526ba4-53c8-11db-8f1a-000a48049292phpbb -- NULL byte injection vulnerability

Secunia reports:

ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "avatar_path" parameter in admin/admin_board.php is not properly sanitised before being used as a configuration variable to store avatar images. This can be exploited to upload and execute arbitrary PHP code by changing "avatar_path" to a file with a trailing NULL byte.

Successful exploitation requires privileges to the administration section.


Discovery 2006-09-12
Entry 2006-10-04
Modified 2006-12-24
phpbb
zh-phpbb-tw
lt 2.0.22

20347
CVE-2006-4758
http://secunia.com/advisories/22188/
http://xforce.iss.net/xforce/xfdb/28884
http://www.security.nnov.ru/Odocument221.html