CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/20277/info phpBB XS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•14 views

phpBB XS <= 0.58 (functions.php) Remote File Include Vulnerability

No description provided by source. Author: AzzCoder Vendor: http://www.phpbbxs.eu/ Vulnerable File: includes/functions.php Vulnerable Code: //The phpbbrootpath isn't initialize includeonce $phpbbrootpath . './includes/functionscategorieshierarchy.' . $phpEx ; Method To Use:...

7.1AI score

Exploits0

Packet Storm•added 2008/03/24 12:0 a.m.•25 views

phpbbxsmod-lfi.txt

..%%%%....%%%%...%%..%%...........%%%%...%%%%%...%%%%%%..%%...%%. .%%......%%..%%..%%..%%..........%%..%%..%%..%%..%%......%%...%%. ..%%%%...%%..%%..%%%%%%..%%%%%%..%%......%%%%%...%%%%....%%.%.%%. .....%%..%%..%%..%%..%%..........%%..%%..%%..%%..%%......%%%%%%%...

7.4AI score

Exploits0

Prion•added 2007/09/21 7:17 p.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in profile.php in phpBB XS 2 allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profileinfo editprofile action...

4.3CVSS6.1AI score0.00409EPSS

Exploits0References5Affected Software1

NVD•added 2007/09/21 7:17 p.m.•10 views

CVE-2007-5033

Cross-site scripting XSS vulnerability in profile.php in phpBB XS 2 allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profileinfo editprofile action...

4.3CVSS5.7AI score0.00409EPSS

Exploits0References5

CVE•added 2007/09/21 6:0 p.m.•36 views

CVE-2007-5033

The provided data confirms CVE-2007-5033 is an XSS vulnerability in profile.php of phpBB XS 2. The flaw allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profile_info editprofile action. Affected component: profile.php in phpBB XS 2; root cause: insuffi...

4.3CVSS5.7AI score0.00409EPSS

Exploits0References5Affected Software1

Cvelist•added 2007/09/21 6:0 p.m.•16 views

CVE-2007-5033

Cross-site scripting XSS vulnerability in profile.php in phpBB XS 2 allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profileinfo editprofile action...

5.7AI score0.00409EPSS

Exploits0References5

Packet Storm•added 2007/09/21 12:0 a.m.•24 views

phpbb-permxss.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ PhpBB Xs 2 profile.php Permanent Xss Vulnerability +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Found By Seph1roth +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ POST METHOD Corrupted page:...

7.4AI score

Exploits0

seebug.org•added 2006/11/05 12:0 a.m.•111 views

phpBB XS bb_usage_stats.php远程文件包含漏洞

phpBB XS是一款基于PHP的论坛程序。 phpBB XS在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 phpBB XS的bbusagestats/includes/bbusagestats.php脚本没有正确验证phpbbrootpath参数的输入数据，允许攻击者通过包含本地或外部资源的任意文件导致执行任意代码。成功攻击要求打开了registerglobals。bbusagestats.php中漏洞代码如下： line 24 include$phpbbrootpath...

7.1AI score

Exploits0

Packet Storm•added 2006/10/04 12:0 a.m.•26 views

phpBBXS2.txt

SolpotCrew Community phpBB XS 2 spain version phpbbrootpath Remote File Inclusion Download : http://www.elanzuelo.es/phpbb.tar.gz Bug Found By :Solpot a.k.a k. Hasibuan 28-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-10.txt Greetz: choi , h4ntu ,...

7.4AI score

Exploits0

Packet Storm•added 2006/10/04 12:0 a.m.•29 views

phpBBXS-0.58.txt

phpBB XS = 0.58 phpbbrootpath Remote File Include Vulnerability2 Author: XORON - SHiKaA URL: http://www.comscripts.com/jump.php?action=script&id=1082 Class: Remote Code: include$phpbbrootpath . 'language/lang' . $boardconfig'defaultlang' . '/langbbcbmg.' . $phpEx; Exploit:...

7.4AI score

Exploits0

securityvulns•added 2006/10/02 12:0 a.m.•24 views

phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2)

0.6AI score

Exploits0

exploitpack•added 2006/09/30 12:0 a.m.•8 views

phpBB XS 0.58 - Multiple Remote File Inclusions

phpBB XS 0.58 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/20277/info phpBB XS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the...

0.3AI score

Exploits0

NVD•added 2006/09/29 9:7 p.m.•14 views

CVE-2006-5094

PHP remote file inclusion vulnerability in includes/functionskb.php in the phpBB XS 2 Spain version allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter, a different vector than CVE-2006-4780 or CVE-2006-4893...

5.1CVSS7.3AI score0.0323EPSS

Exploits1References7

Cvelist•added 2006/09/29 9:0 p.m.•14 views

CVE-2006-5094

7.3AI score0.0323EPSS

Exploits1References7

CVE•added 2006/09/29 9:0 p.m.•40 views

CVE-2006-5094

CVE-2006-5094 applies to phpBB XS 2 (Spain version) with a PHP remote file inclusion in includes/functions_kb.php. The vulnerability allows a remote attacker to execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter. This is a network vector affecting phpBB XS 2 (Spain); t...

5.1CVSS7.4AI score0.0323EPSS

Exploits1References7Affected Software1

Positive Technologies•added 2006/09/29 12:0 a.m.•4 views

PT-2006-5832 · Phpbb Xs · Phpbb Xs

PHP remote file inclusion vulnerability in includes/functions kb.php in the phpBB XS 2 Spain version allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893...

7.5CVSS7.3AI score0.09178EPSS

Exploits2References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by