2176 matches found
phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit
No description provided by source. to be used with cookie stealer located here: http://www.milw0rm.com/id.php?id=1103 Make sure you change www.milw0rm.com to your domain. thnx. /str0ke Author: threesixthousan / As long as html is ON in the latest version of phpBB forums, several XSS attack vector...
phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit
Exploit for unknown platform in category web applications ==================================================== phpBB tag means that the cursor must pass it in the y direction only. e.g. the mouse only needs to cross a point horrizontaly equal to the link in order for the javascript to be executed...
phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure
to be used with cookie stealer located here: http://www.milw0rm.com/id.php?id=1103 https://www.exploit-db.com/exploits/1103/ Make sure you change www.milw0rm.com to your domain. thnx. /str0ke Author: threesixthousan / As long as html is ON in the latest version of phpBB forums, several XSS attack...
CVE-2006-0450
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service application crash by 1 registering many users through profile.php or 2 using search.php to search in a certain way that confuses the database...
CVE-2006-0450
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service application crash by 1 registering many users through profile.php or 2 using search.php to search in a certain way that confuses the database...
CVE-2006-0450
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service application crash by 1 registering many users through profile.php or 2 using search.php to search in a certain way that confuses the database...
CVE-2006-0450
CVE-2006-0450 affects phpBB 2.0.19 and earlier. The vulnerability allows remote attackers to cause a denial of service (application crash) by either: (1) registering many users through profile.php, or (2) performing a specially crafted search via search.php that confuses the database. The impact ...
HYSA-2006-001.txt
------=Part2278523101671.1138200225311 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline ------------------------------------------------------ HYSA-2006-001 h4cky0u.org Advisory 010...
[Full-disclosure] HYSA-2006-001 phpBB 2.0.19 search.php and profile.php DOS Vulnerability
------------------------------------------------------ HYSA-2006-001 h4cky0u.org Advisory 010 ------------------------------------------------------ Date - Wed Jan 25 2006 TITLE: ====== phpBB 2.0.19 search.php and profile.php DOS Vulnerability SEVERITY: ========= High SOFTWARE: ========= phpBB...
Update Protection against phpBB and PHPGedView Remote Execution Vulnerabilities
phpBB is a widely used bulletin board software package. PhpGedView is a genealogy program which allows for genealogy viewing and editing on the Web. Several vulnerabilities reported in phpBB and in PhpGedView could allow an attacker to execute arbitrary PHP code...
CVE-2006-0063
Cross-site scripting XSS vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary web script or HTML via a permitted HTML tag with ' single quote characters and active attributes such as onmouseover, a variant of CVE-2005-4357...
CVE-2006-0063
Cross-site scripting XSS vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary web script or HTML via a permitted HTML tag with ' single quote characters and active attributes such as onmouseover, a variant of CVE-2005-4357...
Cross site scripting
Cross-site scripting XSS vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary web script or HTML via a permitted HTML tag with ' single quote characters and active attributes such as onmouseover, a variant of CVE-2005-4357...
CVE-2006-0063
Cross-site scripting XSS vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary web script or HTML via a permitted HTML tag with ' single quote characters and active attributes such as onmouseover, a variant of CVE-2005-4357...
CVE-2006-0063
CVE-2006-0063 affects phpBB 2.0.19, where enabling “Allowed HTML tags” permits cross-site scripting by injecting arbitrary script or HTML via a permitted tag using a single quote character and active attributes such as onmouseover; this is a variant of CVE-2005-4357. The available connected docum...
phpBB < 2.0.19 Multiple XSS
According to its version number, the remote version of this software is vulnerable to JavaScript injection issues using 'url' bbcode tags and, if HTML tags are enabled, HTML more generally. This may allow an attacker to inject hostile JavaScript into the forum system to steal cookie credentials o...
[SA18252] phpBB "url" bbcode Script Insertion Vulnerability
TITLE: phpBB "url" bbcode Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18252 VERIFY ADVISORY: http://secunia.com/advisories/18252/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpBB 2.x http://secunia.com/product/463/ DESCRIPTION: A vulnerabilit...
CVE-2005-4528
SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2005-4529
The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to impersonate other users via unknown vectors...
CVE-2005-4528
SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors...