Sql injection

phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the...

Design/Logic Flaw

phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote attackers to obtain sensitive information, as demonstrated by the 1 mode parameter to memberlist.php and the 2 highlight parameter to viewtopic.php that are used a...

CVE-2006-2219

Summary: CVE-2006-2219 affects phpBB 2.0.20 . The issue arises because user-supplied input variable types are not verified before being passed to type-dependent functions, enabling information disclosure via error messages. Demonstrated with the mode parameter to memberlist.php and the highlight ...

CVE-2006-2219

phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote attackers to obtain sensitive information, as demonstrated by the 1 mode parameter to memberlist.php and the 2 highlight parameter to viewtopic.php that are used a...

CVE-2006-2220

phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the...

CVE-2006-2220

PHPBB 2.0.20 is vulnerable to an information disclosure due to improper validation of user-supplied inputs used as SQL LIMIT bounds. The issue allows remote attackers to reveal sensitive data via a negative LIMIT (demonstrated through memberlist.php), producing an error message that exposes the q...

CVE-2007-0762

PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0762

CVE-2007-0762 affects phpBB++ Build 100. The vulnerability is a PHP remote file inclusion in includes/functions.php that lets an attacker execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter. Impact per the entry is arbitrary code execution with the web server, enabling ...

CVE-2007-0761

CVE-2007-0761 affects the phpBB ezBoard converter (ezconvert) 0.2. The vulnerability is a PHP remote file inclusion in config.php, exploitable via a URL in the ezconvert_dir parameter, allowing an attacker to execute arbitrary PHP code on the affected system. Concrete details in connected records...

CVE-2007-0762

PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

Categories hierarchy phpBB Mod 2.1.2 (phpbb_root_path) RFI Exploit

No description provided by source. C xoron Name: Categories hierarchy v2.1.2 phpbbrootpath Remote File Include Exploit Script name: Ptifo mod-CH212installed Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=125710 xoron.biz - xoron.info Thanx:...

omegaboard-rfi.txt

----------------------------------------------- Omegaboard v1.0b4 phpbbrootpath Remote File Include Exploit ----------------------------------------------- Author: xoron xoron.biz - xoron.info ----------------------------------------------- Code: includeonce $phpbbrootpath...

Categories hierarchy phpBB Mod 2.1.2 (phpbb_root_path) RFI Exploit

Exploit for unknown platform in category web applications ================================================================== Categories hierarchy phpBB Mod 2.1.2 phpbbrootpath RFI Exploit ================================================================== C xoron Name: Categories hierarchy v2.1.2...

Categories hierarchy phpBB Mod 2.1.2 - 'phpbb_root_path' Remote File Inclusion

C xoron Name: Categories hierarchy v2.1.2 phpbbrootpath Remote File Include Exploit Script name: Ptifo mod-CH212installed Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=125710 xoron.biz - xoron.info Thanx: str0ke, kacper, k1tk4t, SHiKA, can bjo...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0680

PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0680

PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0680

CVE-2007-0680 describes a PHP remote file inclusion in the file includes/functions.php of Phpbb Tweaked 3 and earlier . An attacker can supply a crafted URL to the parameter phpbb_root_path , causing the application to include remote PHP code and potentially execute arbitrary code on the server. ...

phpBB++ Build 100 (phpbb_root_path) Remote File Include Exploit

No description provided by source. C xoron Name: phpBB++ phpbbrootpath Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=86688&packageid=90098 xoron.biz - xoron.info Thanx: str0ke, kacper, k1tk4t, SHiKA, can bjorn...