10 matches found
PhpBB viewtopic.php URL Decoding Code Execution - Ver2 (CVE-2004-1315)
A code execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...
phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)
A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...
phpBB viewtopic.php URL Decoding Code Execution (CVE-2004-1315)
A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...
phpBB - 'viewtopic.php' Arbitrary Code Execution (Metasploit)
$Id: phpbbhighlight.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
CVE-2004-1315
creationtimestamp| type| source ---|---|--- 2010-07-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16890 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/phpbbhighlight.rb 2025-02-06 03:13:38+00:00| seen|...
Gentoo Security Advisory GLSA 200411-32 (phpBB)
The remote host is missing updates announced in advisory GLSA 200411-32. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: phpbb
The remote host is missing an update to the system as announced in the referenced advisory. VID e3cf89f0-53da-11d9-92b7-ceadd4ac2edd OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2004-1315
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...
CVE-2004-1315
Summary: CVE-2004-1315 affects phpBB 2.x prior to 2.0.11. The vulnerability stems from improper URL decoding of the highlight parameter in viewtopic.php, allowing a remote attacker to double-encode the highlight value so that PHP exec runs arbitrary code. Exploited in the wild by the Santy.A worm...
CVE-2004-1315
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...