2176 matches found
PT-2005-2067 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.x Description: The issue concerns a file upload script, specifically the mod for phpBB, which fails to properly restrict the types of files that can be uploaded. This allows remote authenticated users to execute arbitrary...
SQL INJECTION in DLMan Pro. PHPBB Mod.
SQL Injection was found in the Variable $fileid in : DLMan Pro' Mod vulnerable system : phpBB 2.0.x exploit : dlman.php?func=fileinfo&fileid='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...
phpBB 2.0.13 DLMan Pro Module - SQL Injection
phpBB 2.0.13 DLMan Pro Module - SQL Injection source: https://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an...
phpBB 2.0.13 Linkz Pro Module - SQL Injection
phpBB 2.0.13 Linkz Pro Module - SQL Injection source: https://www.securityfocus.com/bid/13030/info The Linkz Pro mod for phpBB is reportedly affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an...
phpBB 2.0.13 DLMan Pro Module - SQL Injection
source: https://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resu...
phpBB 2.0.13 Linkz Pro Module - SQL Injection
source: https://www.securityfocus.com/bid/13030/info The Linkz Pro mod for phpBB is reportedly affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resul...
SQL INJECTION in LinksLinks Pro. PHPBB Mod.
SQL Injection was found in the Variable $id in : LinksLinks Pro Mod vulnerable system : phpBB 2.0.x exploit : links.php?func=show&id='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...
phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; Example: C:\calphpbb.pl www.site.com /phpBB2/ 2 'Calendar Pro' Mod for phpBB Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 if @AR...
phpBB 2.0.13 - 'Calendar Pro' mod Get Hash
!/usr/bin/perl -w use IO::Socket; Example: C:\calphpbb.pl www.site.com /phpBB2/ 2 'Calendar Pro' Mod for phpBB Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 if @ARGV \n"; print " e.g.: calphpbb.pl...
phpBB 2.0.13 - Calendar Pro mod Get Hash
phpBB 2.0.13 - Calendar Pro mod Get Hash !/usr/bin/perl -w use IO::Socket; Example: C:\calphpbb.pl www.site.com /phpBB2/ 2 'Calendar Pro' Mod for phpBB Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 ...
phpBB 2.0.13 - 'downloads.php' mod Get Hash
!/usr/bin/perl -w use IO::Socket; Example: C:\phpbb.pl www.site.com /phpBB2/ 2 downloads.php mod in phpBB \n"; print " e.g.: phpbb.pl www.site.com /phpBB2/ 2 \n"; print " - site address\n"; print " - forum folder\n"; print " - user id 2 default for phpBB admin\n"; print "||\n"; print "\n\n"; exit...
phpBB <= 2.0.13 'downloads.php' mod Remote Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; Example: C:\phpbb.pl www.site.com /phpBB2/ 2 downloads.php mod in phpBB = 2.0.13 Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 if...
phpBB 2.0.13 - downloads.php mod Get Hash
phpBB 2.0.13 - downloads.php mod Get Hash !/usr/bin/perl -w use IO::Socket; Example: C:\phpbb.pl www.site.com /phpBB2/ 2 downloads.php mod in phpBB \n"; print " e.g.: phpbb.pl www.site.com /phpBB2/ 2 \n"; print " - site address\n"; print " - forum folder\n"; print " - user id 2 default for phpBB...
CVE-2005-0871
The CVE-2005-0871 entry describes a vulnerability in the Topic Calendar 1.0.1 module for phpBB. When run on Microsoft IIS, remote attackers can obtain sensitive information by supplying invalid parameters, which cause error messages to reveal the server path. The affected component is calendar_sc...
CVE-2005-0872
Cross-site scripting XSS vulnerability in calendarscheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter...
CVE-2005-0872
Topic Calendar 1.0.1 for phpBB is affected. The vulnerability is a cross-site scripting (XSS) flaw in calendar_scheduler.php that allows remote attackers to inject arbitrary web script or HTML through the start parameter. This is documented in multiple sources (OpenVAS entry “Topic Calendar XSS” ...
phpbb2013user.txt
------------------------------------------------------------------------ phpBB 2.0.13 user level exploit By : Morinex e-mail : [email protected] date : 20-03-2005 greetz : Ali7 for helping me =P , Zeltha , code , ASC and w00pie.NL Exploit not founded by me! Dunno who is the founder of this bug. T...
phpBB 2.0.12 - Change User Rights Authentication Bypass (C)
phpBB 2.0.12 - Change User Rights Authentication Bypass C / Paisterist's code was nice but heres mil's version. precompiled: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/897.rar Usage: bcc32 897.cpp and place the exe in your firefox profile dir. Usually...
phpBB <= 2.0.12 Change User Rights Authentication Bypass (c code)
Exploit for unknown platform in category web applications ================================================================= phpBB include include //Taken from VeNoMouS's love cow code char searchandreplace char text, char find, char replace char found,newtext; int...
codebug-8.txt
CODEBUG Labs Advisory 8 Title: Multiple vulnerabilities in Topic Calendar 1.0.1 for phpBB Author: Alberto Trivero English Version: Alberto Trivero Product: Topic Calendar 1.0.1 Type: Multiple Vulnerabilities Web: http://www.codebug.org/ -- Software Page www.phpbb.com/phpBB/viewtopic.php?t=150857...