196 matches found
php-Board (php)
Informations : °°°°°°°°°°°°°° Website : http://www.hp-planet.de Version : 1 Problem : Informations disclosure PHP Code/Location : °°°°°°°°°°°°°°°°°°° login.php : ----------------------------------------- function passwd2$user $password="nicht registriert"; if fileexists"user/".$user.".txt" $fp =...
PHP-Board 1.0 - User Password Disclosure
PHP-Board 1.0 - User Password Disclosure source: https://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain acce...
PHP-Board 1.0 - User Password Disclosure
source: https://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative...
CVE-2002-1821
Ultimate PHP Board UPB 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to 1 adminmembers.php, 2 adminconfig.php, 3 admincat.php, or 4 adminforum.php...
CVE-2002-1820
register.php in Ultimate PHP Board UPB 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."...
CVE-2002-2276
Ultimate PHP Board UPB 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message...
CVE-2002-2322
Ultimate PHP Board UPB 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords...
PT-2002-2542 · Unknown · Ultimate Php Board
Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB versions 1.0 and 1.0b Description: The issue allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a", since the administrative account Admin with a capital...
XSS and Path Disclosure in UPB
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: XSS and Path Disclosure in UPB product: Ultimate PHP Board UPB final beta 1.0 vendor: http://www.webrc.ca/php/upb.php risk: middle date: 12/7/2k2 discovered by: euronymous /F0KP /HACKRU Team advisory url: http://f0kp.iplus.ru/bz/009.txt...
Ultimate PHP Board Board 1.0 final Beta - viewtopic.php Cross-Site Scripting
Ultimate PHP Board Board 1.0 final Beta - viewtopic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script co...
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser...
upb.admin.txt
product: Ultimate PHP Board UPB version: Public Beta 1.0b !!FIXED vendor: http://www.webrc.ca/php/upb.php summary: upb allow to any user have access levels 3 to have admin premissions exploit: yes Fix: yes Exploited by Hipik memmbers of www.hackeri.org Bosnians Security Portal email:[email protected]...
Ultimate PHP Board 1.01.1 - Image Tag Script Injection
Ultimate PHP Board 1.01.1 - Image Tag Script Injection source: https://www.securityfocus.com/bid/4603/info Ultimate PHP Board UPB is web forum software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Ultimate PHP Board does not filter script code from...
Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection
source: https://www.securityfocus.com/bid/4603/info Ultimate PHP Board UPB is web forum software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Ultimate PHP Board does not filter script code from image tags. This may allow an attacker to include scri...
Security holes : Ultimate PHP Board
Product : Ultimate PHP Board http://xcrew.host.sk Versions : 1.0 Beta 1.1 Problems : 1.0 B : - Reading of privates messages 1.1 & 1.0 B : - Access to users/admins accounts Exploits : 1.0 B : - /members/ID.pm - /members/ID.xbb 1.1 : - imgjavascript:window.open' index.php?...
ReBB javascripts vulnerability
Hi! Another php - board named ReBB http://www.rebb.net has a img vulnerability. Exploit: Use this string my favorite : - imgjavascript:alert'test'/img Possible decision: All urls in img tag should start with http:// SliderGod...