CVE-2006-1775

CVE-2006-1775 is a medium-severity vulnerability in Phpbb Group Phpbb with a CVSS 2.0 base score of 4.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603.

Frequently asked questions

What is CVE-2006-1775?
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603.
How severe is CVE-2006-1775?
CVE-2006-1775 has a CVSS 2.0 base score of 4.3, rated medium severity.
Is CVE-2006-1775 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (64th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2006-1775?
CVE-2006-1775 affects Phpbb Group Phpbb. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2006-1775?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2006-1775 published?
CVE-2006-1775 was published on 2006-04-13 and last updated on 2026-06-16.

References

Affected products (1)

More vulnerabilities in Phpbb Group Phpbb

All CVEs affecting Phpbb Group Phpbb →