PHPBB 1.x/2.0.x Knowledge Base Module KB.PHP SQL Injection Vulnerability

No description provided by source...

Dimension of phpBB <= 0.2.6 (phpbb_root_path) Remote File Includes

No description provided by source. / \ \ \ ,, / / '-./.-' .--' '--. / / /\ \ \ SpiderZ Hacking Security | | | | \ \ / / '..' Author: SpiderZ Dimension of phpBB Remote File Inclusion Vulnerability For: Dimension of phpBB 0.2.5 phpBB 2.0.21 Site: www.spiderz.altervista.org Site02:...

phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2)

No description provided by source. phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2- Open the cookies.t...

phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code)

No description provided by source...

phpBB 2.0.x Viewtopic.PHP PHP Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10701/info The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamicall...

Advanced GuestBook 2.3.1 Admin.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20902/info Advanced GuestBook for phpBB is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

PHPBB Photo Album 2.0.53 Module Album_Cat.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13157/info Photo Album is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28708/info Fishing Cat Portal Addon for phpBB is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the...

phpBB PJIRC Module 0.5 - 'irc.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28446/info The PJIRC module for phpBB is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings ...

Notes Module for PHPBB SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13417/info The notes module for phpBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

PHPBB Photo Album Module 2.0.53 Album_Comment.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13158/info Photo Album is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities

No description provided by source. Fully Modded phpBB 2 Remote File Include PHPBB Exploit 2 Source Code: http://phpbbfm.net/support/indexfm.php http://kent.dl.sourceforge.net/sourceforge/phpbbfm/FM2021-4-40.tar.gz Vulnerable Code: include'includes/common.php'; $phpbbrootpath = $foingrootpath...

maluinfo <= 206.2.38 (bb_usage_stats.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl maluinfo 206.2.38 brazilian PHPBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high...

Blend Portal <= 1.2.0 (phpBB Mod) Remote File Inclusion Vulnerability

No description provided by source. Blend Portal = 1.2.0 for phpBB 2.x Remote File Inclusion Vulnerabilities Contacts ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on Blend Portal = 1.2.0 for phpBB 2.x Original advisory can be found at:...

phpBB 2.0.3 privmsg.php SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6634/info A SQL injection vulnerability has been reported for phpBB2 systems that may result in the deletion of all private messages. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used...

pafileDB <= 2.0.1 (mxBB/phpBB) Remote File Inclusion Vulnerability

No description provided by source. PafileDB Remote File InclusionphpBB Contact : irc.gigachat.net ir4dex & [email protected] Risk : High Class : Remote Script : pafileDB Version : not specified --------------------------------------------------------------------- Vulnerable code :...

PHPBB 2.0.x Profile.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)

No description provided by source. !/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-paramatak; $serv = $CGI-paramserv; $dir = $CGI-paramdir; $topic = $CGI-paramtopic; $cmd = $CGI-paramcmd; print...

PHPBB 2.0.13 DLMan Pro Module SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

phpBB Insert User Mod <= 0.1.2 - Remote File Include Exploit

No description provided by source. !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip...