CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2180 matches found

UbuntuCve•added 2005/03/14 5:0 a.m.•25 views

CVE-2005-0259

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file...

6.4CVSS6.1AI score0.00539EPSS

Exploits0References1

securityvulns•added 2005/03/13 12:0 a.m.•39 views

[SECURITYREASON.COM][phpBB 2.0.13 SQL error in session cXIb8O3.8]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.13 SQL error in session cXIb8O3.8 Author: Maksymilian Arciemowicz cXIb8O3 Date: 10.3.2005 from securityreason.com TEAM - --- 0.Description --- phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board packag...

0.1AI score

Exploits0

Packet Storm•added 2005/03/12 12:0 a.m.•25 views

phpBB2012session.txt

----------------------------------- phpBB 2.0.12 Session Handling Administrator Authentication Bypass EXPLOIT -SIMPLIFIED- - By PPC^Rebyte ----------------------------------- 03maa2005 NEDERLANDSE VERSIE ONDERAAN / DUTCH VERSION BELOW ENGLISH VERSION Status phpBB has already been informed about...

7.4AI score

Exploits0

0day.today•added 2005/03/11 12:0 a.m.•137 views

phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2)

Exploit for unknown platform in category web applications =================================================================== phpBB = 2.0.12 Session Handling Authentication Bypass tutorial 2 =================================================================== phpBB 2.0.12 Session Handling...

7.1AI score

Exploits0

exploitpack•added 2005/03/11 12:0 a.m.•10 views

phpBB 2.0.12 - Session Handling Authentication Bypass

phpBB 2.0.12 - Session Handling Authentication Bypass phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2-...

0.4AI score

Exploits0

seebug.org•added 2005/03/11 12:0 a.m.•23 views

phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2)

No description provided by source. phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2- Open the cookies.t...

7.1AI score

Exploits0

Exploit DB•added 2005/03/11 12:0 a.m.•83 views

phpBB 2.0.12 - Session Handling Authentication Bypass

phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2- Open the cookies.txt ..located on "C:\Documents and...

7.4AI score

Exploits0

securityvulns•added 2005/03/09 12:0 a.m.•29 views

phpBB 2.0.13 - user level exploit

This one goes for all phpBB versions up to 2.0.13. While applying and testing the patch for the autologin bug I found that phpBB2 doesn't reset the $userdata'userlevel' variable after a failed autologin. This is the vulvernable code in sessions.php: if $userid != ANONYMOUS $autologinkey =...

1.5AI score

Exploits0

Tenable Nessus•added 2005/03/09 12:0 a.m.•27 views

phpBB <= 2.0.13 Multiple Vulnerabilities

According to its banner, the remote host is running a version of phpBB that suffers from multiple flaws: - A Path Disclosure Vulnerability A remote attacker can cause phpBB to reveal its installation path via a direct request to the script 'db/oracle.php'. - A Cross-Site Scripting Vulnerability T...

7.5CVSS6AI score0.00517EPSS

Exploits2References7

CVE•added 2005/03/07 5:0 a.m.•55 views

CVE-2005-0673

CVE-2005-0673 affects phpBB 2.0.13 via Cross-site scripting in usercp_register.php, enabling remote attackers to inject arbitrary HTML/JS by manipulating (1) allowhtml, (2) allowbbcode, or (3) allowsmilies in signatures associated with privmsg.php or viewtopic.php. Documented impact is limited to...

4.3CVSS5.8AI score0.00335EPSS

Exploits0References3Affected Software1

Cvelist•added 2005/03/07 5:0 a.m.•13 views

CVE-2005-0673

Cross-site scripting XSS vulnerability in usercpregister.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the 1 allowhtml, 2 allowbbcode, or 3 allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are process...

5.7AI score0.00335EPSS

Exploits0References3

CVE•added 2005/03/07 5:0 a.m.•45 views

CVE-2005-0659

CVE-2005-0659 affects phpBB 2.0.13 and earlier. A direct request to oracle.php can disclose the installation path via a PHP error message, enabling remote disclosure of sensitive information. This mode provides the vulnerability description, affected software, and the underlying cause (path discl...

5CVSS6.2AI score0.00477EPSS

Exploits1References4Affected Software1

Cvelist•added 2005/03/07 5:0 a.m.•22 views

CVE-2005-0659

phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message...

6.1AI score0.00477EPSS

Exploits1References4

Tenable Nessus•added 2005/03/07 12:0 a.m.•13 views

phpBB < 2.0.14 Cookie Authentication Bypass and SQL Injection Vulnerabilities

Binary data 2674.prm...

7.5CVSS7.3AI score0.00517EPSS

Exploits2References7

securityvulns•added 2005/03/05 12:0 a.m.•23 views

phpBB 2.0.12 Session Handling Administrator Authentication Bypass -SIMPLIFIED-

7.1AI score

Exploits0

Exploit DB•added 2005/03/05 12:0 a.m.•33 views

phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial)

Register at forum? 2. Log in with account + UNCHECK "Log in automatically" 3. Close browser to be sure a cookie is made. 4. Locate cookie firefox: X:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\profile.default\cookies.txt -- search the .txt for the domainname domain.tld...

7.4AI score

Exploits0

seebug.org•added 2005/03/05 12:0 a.m.•17 views

phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)

No description provided by source. 1. Register at forum? 2. Log in with account + UNCHECK "Log in automatically" 3. Close browser to be sure a cookie is made. 4. Locate cookie firefox: X:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\profile.default\cookies.txt -- search t...

7.1AI score

Exploits0

securityvulns•added 2005/03/05 12:0 a.m.•26 views

-==phpBB 2.0.13 Full path disclosure==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 09 - 03/03/05 -------------------------------------------------------- Program: phpBB 2.0.13 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.13 & Lower versions Risk: Low Risk!! Impact: Full...

7.2AI score

Exploits0

exploitpack•added 2005/03/05 12:0 a.m.•12 views

phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial)

phpBB 2.0.12 - Session Handling Authentication Bypass tutorial 1. Register at forum? 2. Log in with account + UNCHECK "Log in automatically" 3. Close browser to be sure a cookie is made. 4. Locate cookie firefox: X:\Documents and Settings\Name\Application...

0.7AI score

Exploits0

Packet Storm•added 2005/03/04 12:0 a.m.•35 views

phpbb2013.txt

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 08 - 29/02/05 -------------------------------------------------------- Program: phpBB 2.0.13 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.13 & Lower versions Risk: Low Risk Impact: bbcode...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by