PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl ----------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------- App = PHPbbBook 1.3 Downl =...

CVE-2005-1193

The bbencodesecondpass and makeclickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a 1 javascript:, 2 applet:, 3 about:, 4 activex:, 5 chrome:, or 6 script: UR...

phpBB contains an input validation vulnerability in "includes/bbcode.php"

Overview phpBB fails to sanitize user input, allowing the possible inclusion of active script content in user posts. Description phpBB is a widely used Open Source bulletin board package written in PHP.An input validation issue has been identified that allows a malicious phpBB user to include...

phpbb 2.0.15 released - patches high critical vuln

I don't normally send an email about updated packages, but this one fixes a potentially serious issue. re: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194 A high risk bbcode.php vulnerability is patched with this version, at the very least please patch it via the link above. It was...

phpBB 2.0.x - BBCode.php URL Tag

phpBB 2.0.x - BBCode.php URL Tag source: https://www.securityfocus.com/bid/13545/info The phpbb vendor reports that a critical vulnerability exists in the BBCode handling routines of the 'bbcode.php' script. The bbcode url tag is not properly sanitized of user-supplied input. This could permit th...

phpBB 2.0.x - 'BBCode.php' URL Tag

source: https://www.securityfocus.com/bid/13545/info The phpbb vendor reports that a critical vulnerability exists in the BBCode handling routines of the 'bbcode.php' script. The bbcode url tag is not properly sanitized of user-supplied input. This could permit the injection of arbitrary HTML or...