phpBB 2.0.x - 'album_portal.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/10177/info It has been reported that phpBB may be prone to a file include vulnerability that may allow remote attackers to include a remote malicious script to be executed on a vulnerable system...

phpBBmod.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --====----====----====----====----====----====----====----====----====----===-- Product: phpBB modified by Przemo Version: v1.8 Vendor: http://przemo.org/phpBB2/ Discover by: Officerrr Vendor Response: Not contacted yet... Severity: Medium arbitary...

phpBB 2.0.x - album_portal.php Remote File Inclusion

phpBB 2.0.x - albumportal.php Remote File Inclusion source: https://www.securityfocus.com/bid/10177/info It has been reported that phpBB may be prone to a file include vulnerability that may allow remote attackers to include a remote malicious script to be executed on a vulnerable system...

phpBB IP address spoofing

The common.php script always trusts the X-Forwarded-For' header in the client's HTTP request. A remote user could forge this header in order to bypass any IP address access control lists ACLs...

[waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions]

================================================================================ waraxe-2004-SA013 ================================================================================ Critical sql injection bug in PhpBB 2.0.8 and in older versions...

waraxe-2004-SA013.txt

================================================================================ waraxe-2004-SA013 ================================================================================ Critical sql injection bug in PhpBB 2.0.8 and in older versions...

Critical SQL injection in phpBB

Anyone can get admin's username and password's md5 hash via a single web request. A working example is provided in the advisory...

Phpbb 2.0.7a And Earlier Secuity Issues

Vendor : phpBB Group URL : http://www.phpbb.com Version : phpBB 2.0.7a && Earlier Risk : Multiple Vulnerabilities Description: phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and straight forward...

phpBB profile.php Cross Site Scripting Vulnerability

Advisory Name : phpBB profile.php Cross Site Scripting Vulnerability Release Date : Mar 21,2004 Application : phpBB Version : phpBB 2.0.6d or others? Platform : PHP Vendor URL : http://www.phpbb.com/ Author : Cheng Peng Suapplesoupatmsn.com Proof of Conecpt: This vuln is in profile.php,when you...

[waraxe-2004-SA#009 - Non-critical Sql injection and XSS bug in PhpBB 2.0.6c]

================================================================================ waraxe-2004-SA009 ================================================================================ Non-critical Sql injection and XSS bug in PhpBB 2.0.6c...

phpBB 1.x2.0.x - Multiple Input Validation Vulnerabilities

phpBB 1.x2.0.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/9942/info It has been reported that phpBB may be prone to multiple vulnerabilities that could allow an attacker to carry out SQL injection and cross-site scripting attacks. These vulnerabilities...

phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/9942/info It has been reported that phpBB may be prone to multiple vulnerabilities that could allow an attacker to carry out SQL injection and cross-site scripting attacks. These vulnerabilities result from insufficient sanitization of user-supplied input...

multiple vulnerabilities in phpBB

Users with admin rights can severly damage an phpBB installation, potentially triggered by viewing a page with a malicious link sent by an attacker...

phpBB 2.0.7a - Multiple Vulnerabilities

phpBB 2.0.7a - Multiple Vulnerabilities phpBB Multiple Vulnerabilities Vendor: phpBB Group Product: phpBB Version: = 2.0.7a Website: http://www.phpbb.com BID: 9942 Description: phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a...

phpBB < 2.0.7a - Multiple Vulnerabilities

phpBB Multiple Vulnerabilities Vendor: phpBB Group Product: phpBB Version: = 2.0.7a Website: http://www.phpbb.com BID: 9942 Description: phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and...

CVE-2004-0339

Cross-site scripting XSS vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter...

CVE-2004-0339

CVE-2004-0339 : A cross-site scripting (XSS) flaw exists in phpBB’s ViewTopic.php, affecting possibly 2.0.6c and earlier. The vulnerability allows an attacker to execute arbitrary script or HTML as other users via the postorder parameter. Other connected records corroborate the same description (...

phpBB 2.0.6d && Earlier Security Issues

Vendor : phpBB Group URL : http://www.phpbb.com Version : phpBB 2.0.6d && Earlier Risk : Cross Site Scripting Description: phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and straight forward...

phpBBXSS206d.txt

Vendor : phpBB Group URL : http://www.phpbb.com Version : phpBB 2.0.6d && Earlier Risk : Cross Site Scripting Description: phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and straight forward...

[SCAN Associates Sdn Bhd Security Advisory] phpBB 2.0.6 and below sql injection

Products: phpBB 2.0.6 and below http://www.phpbb.com Found date: 4 January 2004 Publish date: 15 March 2004 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary:...