2176 matches found

Cvelist
added 2005/11/01 9:0 p.m., 13 views

CVE-2005-3416

phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arrays, which causes an array_merge functi...

AI score: 6.4 | EPSS: 0.00842
Exploits: 0 | References: 9
CVE
added 2005/11/01 9:0 p.m., 64 views

CVE-2005-3418

CVE-2005-3418 affects phpBB 2.0.17 and earlier: multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web scripts via (1) error_msg in usercp_register.php, (2) forward_page in login.php, or (3) list_cat in search.php—globals not initialized as variabl...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.01451
Exploits: 0 | References: 12 | Affected Software: 1
CVE
added 2005/11/01 9:0 p.m., 50 views

CVE-2005-3420

CVE-2005-3420 affects phpBB 2.0.x (notably phpBB 2.0.17) via the signature_bbcode_uid parameter in usercp_register.php, allowing remote attackers to modify regular expressions and execute PHP code. Debian and OpenVAS advisories group this with multiple phpBB vulnerabilities; Debian fixes upgrade ...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.02323
Exploits: 0 | References: 10 | Affected Software: 1
CVE
added 2005/11/01 9:0 p.m., 52 views

CVE-2005-3419

CVE-2005-3419 is a SQL injection vulnerability in phpBB2 (phpBB 2.0.x). The Debian advisory DSA-925-1 and OpenVAS entries enumerate that phpBB2 could be affected via the signature_bbcode_uid parameter, enabling remote attackers to execute arbitrary SQL commands. The issue is listed among multiple...

CVSS: 7.5 | AI score: 8 | EPSS: 0.01314
Exploits: 0 | References: 10 | Affected Software: 1
Cvelist
added 2005/11/01 9:0 p.m., 17 views

CVE-2005-3420

usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement...

AI score: 6.7 | EPSS: 0.02323
Exploits: 0 | References: 10
CVE
added 2005/11/01 9:0 p.m., 58 views

CVE-2005-3415

CVE-2005-3415 affects phpBB 2.0.17 and earlier, where remote attackers can bypass protection by setting a GET/POST/COOKIE variable and a GLOBALS[] variable with the same name, causing GLOBALS[] to be unset while the GPC variable remains. This can manipulate phpBB behavior. The OpenVAS and Debian ...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.00989
Exploits: 0 | References: 10 | Affected Software: 1
Cvelist
added 2005/11/01 9:0 p.m., 21 views

CVE-2005-3417

phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

AI score: 6.4 | EPSS: 0.00842
Exploits: 0 | References: 9
Cvelist
added 2005/11/01 9:0 p.m., 20 views

CVE-2005-3415

phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE GPC variable and a GLOBALS variable with the same name, which causes phpBB to unset the GLOBALS variable but not the GPC variable...

AI score: 6.3 | EPSS: 0.00989
Exploits: 0 | References: 10
CVE
added 2005/11/01 9:0 p.m., 55 views

CVE-2005-3417

The issue concerns phpBB 2.0.x (2.0.17 and earlier). CVE-2005-3417 is documented as allowing remote attackers to modify global variables and bypass security when certain PHP globals behavior is altered. OpenVAS and Debian/FreeBSD advisories confirm a set of related flaws (CVE-2005-3310, 3415, 341...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00842
Exploits: 0 | References: 9 | Affected Software: 1
securityvulns
added 2005/10/31 12:0 a.m., 30 views

[Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities

Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpBB Multiple Vulnerabilities Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser Application: phpBB = 2.0.17 Severity: Multiple...

AI score: 0.4
Exploits: 0
UbuntuCve
added 2005/10/26 1:2 a.m., 24 views

CVE-2005-3310

Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet...

CVSS: 3.5 | AI score: 5.9 | EPSS: 0.00544
Exploits: 1 | References: 1
NVD
added 2005/10/26 1:2 a.m., 15 views

CVE-2005-3310

Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet...

CVSS: 3.5 | AI score: 4.9 | EPSS: 0.00544
Exploits: 1 | References: 7
Packet Storm
added 2005/10/26 12:0 a.m., 53 views

phpBB-IE-gif.txt

phpBB 2.0.17 and other BB systems as well Cookie disclosure exploit. I sent the report to phpBB and they said that a patch will be available within a few days and it will be integrated into 2.0.18. Note: This works like XSS, and requires the victim to use IE. Affects all versions of IE. Special...

AI score: 7.4
Exploits: 0
Cvelist
added 2005/10/25 4:0 a.m., 27 views

CVE-2005-3310

Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet...

AI score: 4.9 | EPSS: 0.00544
Exploits: 1 | References: 7
CVE
added 2005/10/25 4:0 a.m., 60 views

CVE-2005-3310

The CVE-2005-3310 issue affects phpBB2 (v2.0.17) where remote authenticated users can inject arbitrary web script/HTML via HTML files with a GIF/JPEG extension when remote avatars and avatar uploads are enabled, leading to cross-site scripting on viewed pages. Root cause: interpretation errors in...

CVSS: 3.5 | AI score: 5 | EPSS: 0.00544
Exploits: 1 | References: 7 | Affected Software: 1
securityvulns
added 2005/10/25 12:0 a.m., 33 views

[SA17295] phpBB Avatar Script Insertion Vulnerability

TITLE: phpBB Avatar Script Insertion Vulnerability SECUNIA ADVISORY ID: SA17295 VERIFY ADVISORY: http://secunia.com/advisories/17295/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpBB 2.x http://secunia.com/product/463/ DESCRIPTION: K-Gen has discovered a...

AI score: 0.1
Exploits: 0
FreeBSD
added 2005/10/24 12:0 a.m., 24 views

phpbb -- multiple vulnerabilities

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to: script insertion, bypassing of protection mechanisms, multiple cross site scripting vulnerabilities, SQL injection, arbitrary code execution...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.02323
Exploits: 1 | References: 2
securityvulns
added 2005/10/22 12:0 a.m., 39 views

[Full-disclosure] phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit.

phpBB 2.0.17 and other BB systems as well Cookie disclosure exploit. I sent the report to phpBB and they said that a patch will be available within a few days and it will be integrated into 2.0.18. Note: This works like XSS, and requires the victim to use IE. Affects all versions of IE. Special...

AI score: 6.9
Exploits: 0
Packet Storm
added 2005/10/12 12:0 a.m., 24 views

r57phpbb_admin2exec.pl.txt

#!/usr/bin/perl r57phpbb_admin2exec.pl phpBB admin_styles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbb_admin2exec.pl -p http://blah.com/phpBB/admin/ -s 0864cb0abb396319c589ebc2a98c2c5d -c getprefix...

AI score: 7.4
Exploits: 0
exploitpack
added 2005/10/11 12:0 a.m., 14 views

phpBB 2.0.13 - admin_styles.php Remote Command Execution

phpBB 2.0.13 - admin_styles.php Remote Command Execution #!/usr/bin/perl r57phpbb_admin2exec.pl phpBB admin_styles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbb_admin2exec.pl -p http://blah.com/phpBB/admin/ -s...

AI score: 0.2
Exploits: 0