CVE-2005-0603

viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message...

phpBB: Multiple vulnerabilities

Background phpBB is an Open Source bulletin board package. Description It was discovered that phpBB contains a flaw in the session handling code and a path disclosure bug. AnthraX101 discovered that phpBB allows local users to read arbitrary files, if the "Enable remote avatars" and "Enable avata...

CVE-2005-0603

viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message...

phpBB 2.0.x - Authentication Bypass (1)

phpBB 2.0.x - Authentication Bypass 1 // source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerabilit...

[SA14413] phpBB "autologinid" Security Bypass

---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...

phpBB <= 2.0.12 Multiple Vulnerabilities

The remote host is running a version of phpBB that suffers from a session handling flaw allowing a remote attacker to gain access to any account, including that of an administrator. Also, there is a path disclosure bug in 'viewtopic.php' that can be exploited by a remote attacker to reveal...

PT-2005-1651 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.12 and earlier Description: The issue allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax in the "viewtopic.php" API endpoint. This reveals the path...

phpBB 2.0.x - Authentication Bypass (2)

phpBB 2.0.x - Authentication Bypass 2 source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability...

phpbb -- Insuffient check against HTML code in usercp_register.php

Neo Security Team reports: If we specify a variable in the html code any type: hidden, text, radio, check, etc with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that allows users to bypass...

phpBB 2.0.x - Authentication Bypass (1)

// source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access to...

phpBB 2.0.x - Authentication Bypass (3)

source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access to any...

phpBB < 2.0.13 Cookie Authentication Bypass

Binary data 2658.prm...

phpBB 2.0.x - Authentication Bypass (2)

source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access to any...

phpBB 2.0.x - Authentication Bypass (3)

phpBB 2.0.x - Authentication Bypass 3 source: https://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability...

-==phpBB 2.0.12 Full path disclosure==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 06 - 25/02/05 -------------------------------------------------------- Program: phpBB 2.0.12 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.12 & Lower versions Risk: Low Risk!! Impact: Full...

phpbb -- privilege elevation and path disclosure

The phpbb developer group reports: phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to...

phpBB vulnerable to file disclosure

Overview The phpBB input validation methods may fail to sanitize user input resulting in a disclosure of arbitrary file data. Description phpBB is a customizable open source bulletin board package. It contains functionality that allows users to specify graphic files for use as "avatars." These...

iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB2 Arbitrary File Unlink Vulnerability

phpBB Group phpBB2 Arbitrary File Unlink Vulnerability iDEFENSE Security Advisory 02.22.05 www.idefense.com/application/poi/display?id=205&type=vulnerabilities February 22, 2005 I. BACKGROUND phpBB is an open source bulletin board package written in the PHP web scripting language. More informatio...

PHPBB 2.0.12 bug

PHPBB 2.0.12 is vulnable again to a path disclosure bug.And again the bug is in viewtopic.php.I wont repeat my firs submition so here is the bug: http://localhost/forum/viewtopic.php?t=4&highlight= As you can see you just need a valid topic.Here is a nother example:...

iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability

phpBB Group phpBB Arbitrary File Disclosure Vulnerability iDEFENSE Security Advisory 02.22.05 www.idefense.com/application/poi/display?id=204&type=vulnerabilities February 22, 2005 I. BACKGROUND phpBB is an open source bulletin board package written in the PHP web scripting language. More...