Description
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.
Exploits (1)
nomisec
WORKING POC
by Parcer0 · poc
https://github.com/Parcer0/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/423030/100/0/threaded
Various Sources x_refsource_misc
http://h4cky0u.org/viewtopic.php?t=637
Exploit, Vendor Advisory x_refsource_misc
http://www.h4cky0u.org/advisories/HYSA-2006-001-phpbb.txt
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/368
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24327
Scores
EPSS
0.1043
EPSS Percentile
93.3%
Details
Status
published
Products (29)
phpbb_group/phpbb
2.0.0
phpbb_group/phpbb
2.0.1
phpbb_group/phpbb
2.0.2
phpbb_group/phpbb
2.0.3
phpbb_group/phpbb
2.0.4
phpbb_group/phpbb
2.0.5
phpbb_group/phpbb
2.0.6
phpbb_group/phpbb
2.0.6c
phpbb_group/phpbb
2.0.6d
phpbb_group/phpbb
2.0.7
... and 19 more
Published
Jan 27, 2006
Tracked Since
Feb 18, 2026