IPB v1.x upload html .gif

/ ,, / / '-./.-' .--' '--. / / /"" SpiderZ ForumZ Security | | | | / / '..' = Autore: SpiderZ = IPB v1.x upload html .gif = Sito: www.spiderz.tk 1° Registrati al seguente forum 2° entra con i tuoi dati 3° vai su "My Controls" adesso entra su "Edit Avatar Settings" 4° prepara la tua pagina "exploi...

New exploit by SpiderZ

Author: SpiderZ Exploit 01 phpBB 2.0.19 Topic infinitely exploit multiple topic http://spiderz.netsons.org/1.txt Exploit 02 Mini-Nuke v1.8 XSS http://spiderz.netsons.org/3.txt Exploit 03 CuteCast Version 1.2 multiple users http://spiderz.netsons.org/4.txt Exploit 04 IPB v1.x upload html .gif...

CVE-2006-1369

The CVE-2006-1369 issue affects Invision Power Board (IPB) 2.1.5 and earlier, prior to 20060308. The vulnerability is a cross-site scripting (XSS) flaw exploitable through a Private Message (PM) under certain circumstances, enabling remote attackers to inject arbitrary web script or HTML. The roo...

CVE-2006-1287

The CVE-2006-1287 entries describe a Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) versions 2.0.4 and 2.1.4 prior to 20060130. The vulnerability could allow remote attackers to steal cookies and potentially conduct other activities when the victim uses Internet Explorer. ...

CVE-2006-1288

CVE-2006-1288 affects Invision Power Board (IPB) with versions 2.0.4 and 2.1.4 before 20060105. The vulnerability is a SQL injection in multiple entry points where cookies and parameters are not properly sanitized, including ipsclass.php (arrays of id/stamp pairs; keys in key/value arrays), userc...

CVE-2006-1287

Cross-site scripting XSS vulnerability in Invision Power Board IPB 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer...

CVE-2006-1076

SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board IPB 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter...

CVE-2006-1076

CVE-2006-1076 affects Invision Power Board (IPB) 2.1.5. The vulnerability is a SQL injection in index.php during a showtopic-like operation, exploitable via the st parameter , allowing remote attackers to execute arbitrary SQL commands. The connected documents do not provide a patch or specific r...

D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== D2-Shoutbox 4.2 IPB Mod load Remote SQL Injection Exploit =========================================================== !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL...

D2-Shoutbox 4.2 IPB Mod - load SQL Injection

D2-Shoutbox 4.2 IPB Mod - load SQL Injection !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pi...

D2-Shoutbox 4.2 IPB Mod - 'load' SQL Injection

!/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pid = $ARGV4; $type = $ARGV5; sub type...

D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pid = $ARGV4...

CVE-2006-0910

Invision Power Board IPB 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including 1 sources/loginauth/convert/, 2 sources/portalplugins/, 3 cache/skincache/cacheid2/, 4 ipskernel/PEAR/, 5 ipskernel/PEAR/Text/, 6...

Design/Logic Flaw

Invision Power Board IPB 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including 1 sources/loginauth/convert/, 2 sources/portalplugins/, 3 cache/skincache/cacheid2/, 4 ipskernel/PEAR/, 5 ipskernel/PEAR/Text/, 6...

CVE-2006-0910

Invision Power Board IPB 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including 1 sources/loginauth/convert/, 2 sources/portalplugins/, 3 cache/skincache/cacheid2/, 4 ipskernel/PEAR/, 5 ipskernel/PEAR/Text/, 6...

CVE-2006-0909

IPB 2.1.4 and earlier versions are affected by CVE-2006-0909: an attacker can view sensitive information by making direct requests to many PHP scripts that disclose full file paths in error messages (e.g., ips_kernel, sources/sql, action_public, action_admin, and various post/editor/bbcode classe...

CVE-2006-0910

Invision Power Board (IPB) 2.1.4 and earlier is affected by CVE-2006-0910. The issue allows remote attackers to list directory contents by requesting specific directories (e.g., sources/loginauth/convert/, sources/portal_plugins/, cache/skin_cache/cacheid_2/, ips_kernel/PEAR/, and others). The un...

CVE-2006-0888

The CVE-2006-0888 entry concerns Invision Power Board (IPB) 2.0.1, where index.php with Code Confirmation disabled can lead to a denial of service by registering a large number of users. The vulnerability is triggered via a user-registration flood, but the public documents do not specify exact te...

CVE-2006-0750

SQL injection vulnerability in army.php in supersmashbrothers SSB Army System 2.1.0 for Invision Power Board IPB allows remote attackers to execute arbitrary SQL commands via the userstat parameter in an army action to index.php...

CVE-2006-0750

SQL injection vulnerability in army.php in supersmashbrothers SSB Army System 2.1.0 for Invision Power Board IPB allows remote attackers to execute arbitrary SQL commands via the userstat parameter in an army action to index.php...