EUVD-2007-4965

Malware in sbrugna...

PHPBB 2.0.x Authentication Bypass Vulnerability (1)

No description provided by source...

CVE-2007-4984

SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter...

Sql injection

SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter...

CVE-2007-4984

CVE-2007-4984 affects the Ktauber.com StylesDemo mod for phpBB 2.0.x. Vulnerable component: index.php; vulnerable via the s parameter causing SQL injection. Root cause: improper handling of input leading to arbitrary SQL execution by remote attackers. Impact, per CVSS: AV:N/AC:L/Au:N/C:P/I:P/A:P ...

CVE-2007-2858

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

Sql injection

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

CVE-2007-2858

CVE-2007-2858 describes an SQL injection in the IP-Search function of the IP-Tracking Mod for phpBB 2.0.x. The vulnerability allows remote authenticated administrators to execute arbitrary SQL commands through the Search Query field. The provided documents confirm the affected software/module and...

CVE-2007-2858

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

CVE-2006-6421

Cross-site scripting XSS vulnerability in the private message box implementation privmsg.php in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user...

CVE-2006-6421

CVE-2006-6421 is an XSS in phpBB 2.0.x; the private messaging (privmsg.php) feature allows remote authenticated users to inject arbitrary script/HTML via the Message body when targeting a non-existent user. Affected component: phpBB 2.0.x private messaging; root cause is user-supplied input not s...

phpbb 2.0.x [xss]

vendor site:http://phpbb.com/ product:phpbb bug:xss risk:low A xss post has been discovered in phpbb ,the impact of this attack is very low ,because it's more a bug , than a vulnerability . An authentificated user can excute some html code in his private message box , by sending a message to an...

CVE-2006-5209

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5209

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5209

The CVE-2006-5209 entry describes a PHP remote file inclusion in Admin Topic Action Logging Mod 0.95 and earlier, used with phpBB 2.0 up to 2.0.21. The vulnerability allows remote attackers to execute arbitrary PHP code via a URL supplied to the phpbb_root_path parameter in admin/admin_topic_acti...

phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include

No description provided by source. / \ \ \ ,, / / '-./.-' .--' '--. / / /""\ \ \ SpiderZ Hacking Security | | | | \ \ / / '..' Author: SpiderZ Security Suite IP Logger Remote File Inclusion Vulnerability For: phpBB 2.0.x - 2.0.21 Site: www.spiderz.altervista.org Site02: www.spiderz.netsons.org...

CVE-2003-1244

SQL injection vulnerability in pageheader.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forumid parameter to index.php...

phpBBupload.txt

Advisory 1 "phpBB Upload Script "up.php" Arbitrary File Upload" $ Author: Status-x $ Contact: [email protected] - [email protected] $ Date: 7 April 2005 $ Website: http://defacers.com.mx $ Original Advisory: http://www.defacers.com.mx/advisories/2.txt $ Risk: High $ Vendor URL:...

linkslinks.txt

SQL Injection was found in the Variable $id in : LinksLinks Pro Mod vulnerable system : phpBB 2.0.x exploit : links.php?func=show&id='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...

dlmanphpBB.txt

SQL Injection was found in the Variable $fileid in : DLMan Pro' Mod vulnerable system : phpBB 2.0.x exploit : dlman.php?func=fileinfo&fileid='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...