Lucene search
K

10 matches found

Check Point Advisories
Check Point Advisories
added 2014/04/16 12:0 a.m.2 views

PhpBB viewtopic.php URL Decoding Code Execution - Ver2 (CVE-2004-1315)

A code execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

7.5CVSS7.5AI score0.72096EPSS
Exploits11
Check Point Advisories
Check Point Advisories
added 2014/03/04 12:0 a.m.30 views

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

2.8AI score0.72096EPSS
Exploits11
Check Point Advisories
Check Point Advisories
added 2012/08/20 12:0 a.m.33 views

phpBB viewtopic.php URL Decoding Code Execution (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

7.5CVSS8.1AI score0.72096EPSS
Exploits11
Exploit DB
Exploit DB
added 2010/07/03 12:0 a.m.139 views

phpBB - 'viewtopic.php' Arbitrary Code Execution (Metasploit)

$Id: phpbbhighlight.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

6.6AI score
Exploits0
Circl
Circl
added 2010/07/03 12:0 a.m.27 views

CVE-2004-1315

creationtimestamp| type| source ---|---|--- 2010-07-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16890 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/phpbbhighlight.rb 2025-02-06 03:13:38+00:00| seen|...

7.5CVSS5.7AI score0.72096EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.35 views

Gentoo Security Advisory GLSA 200411-32 (phpBB)

The remote host is missing updates announced in advisory GLSA 200411-32. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.5AI score0.72096EPSS
Exploits11
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.34 views

FreeBSD Ports: phpbb

The remote host is missing an update to the system as announced in the referenced advisory. VID e3cf89f0-53da-11d9-92b7-ceadd4ac2edd OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.2AI score0.72096EPSS
Exploits11
Cvelist
Cvelist
added 2004/12/31 5:0 a.m.25 views

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

7.3AI score0.72096EPSS
Exploits11References11
CVE
CVE
added 2004/12/31 5:0 a.m.198 views

CVE-2004-1315

Summary: CVE-2004-1315 affects phpBB 2.x prior to 2.0.11. The vulnerability stems from improper URL decoding of the highlight parameter in viewtopic.php, allowing a remote attacker to double-encode the highlight value so that PHP exec runs arbitrary code. Exploited in the wild by the Santy.A worm...

7.5CVSS7.2AI score0.72096EPSS
Exploits11References11Affected Software1
NVD
NVD
added 2004/11/12 5:0 a.m.20 views

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

7.5CVSS7.4AI score0.72096EPSS
Exploits11References11
Rows per page
Query Builder