Lucene search
K

2180 matches found

seebug.org
seebug.org
added 2003/12/21 12:0 a.m.21 views

phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit

No description provided by source. !/usr/bin/perl -w use IO::Socket; PROOF-OF-CONCEPT work only with mysql ver 4.0 work only with post 1 Example: C:\r57phpbb-poc.pl 127.0.0.1 phpBB2 2 2 prepare to connect... + connected prepare to send data... + OK wait for response... + MD5 Hash for user with id...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/12/21 12:0 a.m.49 views

phpBB 2.0.6 - 'search_id' SQL Injection / MD5 Hash

!/usr/bin/perl -w use IO::Socket; PROOF-OF-CONCEPT work only with mysql ver 4.0 work only with post 1 Example: C:\r57phpbb-poc.pl 127.0.0.1 phpBB2 2 2 prepare to connect... + connected prepare to send data... + OK wait for response... + MD5 Hash for user with id=2 is:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/12/04 12:0 a.m.53 views

phpBB < 2.0.7 Multiple Script SQL Injection

The remote host is running a version of phpBB older than 2.0.7. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain administrative access on the remote host or to obtain the MD5 hash of the password of any user...

7.5CVSS5.8AI score0.01789EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2003/12/01 12:0 a.m.25 views

phpBB206.txt

phpBB v2.06 searchid sql injection exploit -Hat-Squad Security Team- Using this query you will get MD5 password hash for useruid as highlight variable for viewtopic.php in search results page.Works with mysql4. http://site.com/search.php?searchid=1%20union%20select%20concatchar...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/11/29 12:0 a.m.39 views

[Hat-Squad] phpBB search_id injection exploit

Hello list, Here is the exploit code for phpbb 2.06 sql injection described in http://www.securityfocus.com/archive/1/345872 . It will return MD5 password hash of specified user as highlight variable for viewtopic.php in search results page...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2003/11/28 12:0 a.m.27 views

phpBB 2.06 search.php SQL injection

Hello bugtraq readers, A vulnerability exists in phpBB 2.06 that could allow an attacker to manipulate SQL queries and gain administrative control over the forum. The search.php script of the application does not sufficiently sanitize the input of the "searchid" parameter. As a result of this an...

Exploits0
NVD
NVD
added 2003/11/27 5:0 a.m.16 views

CVE-2003-1216

SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the searchid parameter...

7.5CVSS8.4AI score0.01789EPSS
Exploits1References6
securityvulns
securityvulns
added 2003/11/15 12:0 a.m.24 views

XSS in & path disclosure phpBB forums

Affected versions: Dunno All? Code: http://www.phpbb.com/phpBB/search.php?searchid=3D1'scriptalert/guiler= minator20overload,20vampirun20mugroson/;/script Overview The error is like: ---------------- Could not obtain search results DEBUG MODE SQL Error : 1064 You have an error in your SQL syntax...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2003/11/10 12:0 a.m.33 views

sql injection in phpbb

I found a vulnerability en phpbb 2.0.5 and prior, is probably also affect 2.0.6 this bug don't affect to version 2.0.7 phpbb have a list of registereds users, when you click on a memebr of this list, you are requesting data to the database for example:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2003/11/08 12:0 a.m.11 views

phpBB 2.0.x - profile.php SQL Injection

phpBB 2.0.x - profile.php SQL Injection source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/11/08 12:0 a.m.30 views

phpBB 2.0.x - &#039;profile.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlying database. As a result, it is...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/09/08 12:0 a.m.17 views

phpBB 2.0.6 - URL BBCode HTML Injection

phpBB 2.0.6 - URL BBCode HTML Injection source: https://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulleti...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/08 12:0 a.m.24 views

phpBB 2.0.6 - URL BBCode HTML Injection

source: https://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulletin board posts or private messages. This...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/08/19 12:0 a.m.24 views

XSS vulnerability in phpBB

Hi, I have found a dangerous vunlerability in phpBB. I've verified that versions 2.0.5 and 2.0.4 AFAIK the two latest versions are affected, but probably more versions are vulnerable. If HTML is enabled for postings, a user can post a link like this: a...

Exploits0
NVD
NVD
added 2003/08/07 4:0 a.m.19 views

CVE-2003-0486

SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topicid parameter...

5CVSS7.8AI score0.01949EPSS
Exploits1References4
NVD
NVD
added 2003/08/07 4:0 a.m.15 views

CVE-2003-0484

Cross-site scripting XSS vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topicid parameter...

6.8CVSS5.9AI score0.01206EPSS
Exploits0References1
seebug.org
seebug.org
added 2003/06/30 12:0 a.m.33 views

phpBB 2.0.4 Remote php File Include Exploit

No description provided by source. // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include stdio.h include sys/types.h include sys/socket.h include...

7.1AI score
Exploits0
0day.today
0day.today
added 2003/06/30 12:0 a.m.75 views

phpBB 2.0.4 Remote php File Include Exploit

Exploit for unknown platform in category web applications =========================================== phpBB 2.0.4 Remote php File Include Exploit =========================================== // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2003/06/30 12:0 a.m.21 views

phpBB 2.0.4 - PHP Remote File Inclusion

phpBB 2.0.4 - PHP Remote File Inclusion // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include include include include include int main //The socket...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/30 12:0 a.m.45 views

phpBB 2.0.4 - PHP Remote File Inclusion

// / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include include include include include int main //The socket stuff struct hostent hp; struct sockaddrin...

7.4AI score
Exploits0
Rows per page
Query Builder