PHPBB 2.0.x Authentication Bypass Vulnerability (1)

No description provided by source...

CVE-2007-2858

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

Sql injection

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

CVE-2007-2858

CVE-2007-2858 describes an SQL injection in the IP-Search function of the IP-Tracking Mod for phpBB 2.0.x. The vulnerability allows remote authenticated administrators to execute arbitrary SQL commands through the Search Query field. The provided documents confirm the affected software/module and...

CVE-2007-2858

SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field...

CVE-2006-6421

Cross-site scripting XSS vulnerability in the private message box implementation privmsg.php in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user...

CVE-2006-6421

CVE-2006-6421 is an XSS in phpBB 2.0.x; the private messaging (privmsg.php) feature allows remote authenticated users to inject arbitrary script/HTML via the Message body when targeting a non-existent user. Affected component: phpBB 2.0.x private messaging; root cause is user-supplied input not s...

phpbb 2.0.x [xss]

vendor site:http://phpbb.com/ product:phpbb bug:xss risk:low A xss post has been discovered in phpbb ,the impact of this attack is very low ,because it's more a bug , than a vulnerability . An authentificated user can excute some html code in his private message box , by sending a message to an...

phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include

No description provided by source. / \ \ \ ,, / / '-./.-' .--' '--. / / /""\ \ \ SpiderZ Hacking Security | | | | \ \ / / '..' Author: SpiderZ Security Suite IP Logger Remote File Inclusion Vulnerability For: phpBB 2.0.x - 2.0.21 Site: www.spiderz.altervista.org Site02: www.spiderz.netsons.org...

phpBBupload.txt

Advisory 1 "phpBB Upload Script "up.php" Arbitrary File Upload" $ Author: Status-x $ Contact: [email protected] - [email protected] $ Date: 7 April 2005 $ Website: http://defacers.com.mx $ Original Advisory: http://www.defacers.com.mx/advisories/2.txt $ Risk: High $ Vendor URL:...

linkslinks.txt

SQL Injection was found in the Variable $id in : LinksLinks Pro Mod vulnerable system : phpBB 2.0.x exploit : links.php?func=show&id='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...

dlmanphpBB.txt

SQL Injection was found in the Variable $fileid in : DLMan Pro' Mod vulnerable system : phpBB 2.0.x exploit : dlman.php?func=fileinfo&fileid='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...

CVE-2005-1047

Meilad File upload script up.php mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory...

CVE-2005-1026

Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the 1 fileid parameter to dlman.php in DLMan Pro or 2 id parameter to links.php in Linkz Pro aka LinksLinks Pro...

phpBB Upload Script "up.php" Arbitrary File Upload

Advisory 1 "phpBB Upload Script "up.php" Arbitrary File Upload" $ Author: Status-x $ Contact: [email protected] - [email protected] $ Date: 7 April 2005 $ Website: http://defacers.com.mx $ Original Advisory: http://www.defacers.com.mx/advisories/2.txt $ Risk: High $ Vendor URL:...

CVE-2005-1047

Meilad File upload script up.php mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory...

SQL INJECTION in LinksLinks Pro. PHPBB Mod.

SQL Injection was found in the Variable $id in : LinksLinks Pro Mod vulnerable system : phpBB 2.0.x exploit : links.php?func=show&id='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...

phpBB 2.0.x - 'profile.php' SQL Injection

source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlying database. As a result, it is...