彙總 mxbb 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 路徑處理缺陷,在 軟體部署與生產負載 使用場景中可能帶來 檔案覆寫 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2007-5178 | contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter. | [email protected] | 6.8 | 14.89% | 2007-10-03 | 2026-04-23 |
| CVE-2007-2493 | PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 10.0 | 4.83% | 2007-05-04 | 2026-04-23 |
| CVE-2007-2313 | PHP remote file inclusion vulnerability in getinfo1.php in the Shotcast 1.0 RC2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | [email protected] | 7.5 | 5.10% | 2007-04-26 | 2026-04-23 |
| CVE-2006-6650 | PHP remote file inclusion vulnerability in charts_constants.php in the Charts (mx_charts) 1.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 6.8 | 8.55% | 2006-12-20 | 2026-04-23 |
| CVE-2006-6645 | PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | [email protected] | 7.5 | 4.89% | 2006-12-20 | 2026-04-23 |
| CVE-2006-6644 | PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1.1.2 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 6.8 | 8.55% | 2006-12-20 | 2026-04-23 |
| CVE-2006-6615 | PHP remote file inclusion vulnerability in includes/act_constants.php in the Activity Games (mx_act) 0.92 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 7.5 | 5.78% | 2006-12-18 | 2026-04-23 |
| CVE-2006-6568 | Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the phpEx parameter. | [email protected] | 10.0 | 8.55% | 2006-12-15 | 2026-04-23 |
| CVE-2006-6567 | PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 10.0 | 6.17% | 2006-12-15 | 2026-04-23 |
| CVE-2006-6566 | PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 7.5 | 11.46% | 2006-12-15 | 2026-04-23 |
| CVE-2006-6560 | PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxBB (aka MX-System) Portal allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 7.5 | 6.68% | 2006-12-14 | 2026-04-23 |
| CVE-2006-6553 | PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | [email protected] | 7.5 | 8.29% | 2006-12-14 | 2026-04-23 |
| CVE-2006-6295 | PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 6.8 | 3.15% | 2006-12-05 | 2026-04-23 |
| CVE-2006-6065 | PHP remote file inclusion vulnerability in includes/mx_common.php in the CalSnails Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 5.1 | 14.94% | 2006-11-22 | 2026-04-23 |
| CVE-2006-5803 | PHP remote file inclusion vulnerability in modules/mx_smartor/album.php in the mxBB Smartor Album module 1.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 7.5 | 1.27% | 2006-11-08 | 2026-04-23 |
| CVE-2006-2361 | PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | [email protected] | 7.5 | 16.41% | 2006-05-15 | 2026-04-16 |