[Hat-Squad] phpBB search_id injection exploit

Hello list, Here is the exploit code for phpbb 2.06 sql injection described in http://www.securityfocus.com/archive/1/345872 . It will return MD5 password hash of specified user as highlight variable for viewtopic.php in search results page...

phpBB 2.06 search.php SQL injection

Hello bugtraq readers, A vulnerability exists in phpBB 2.06 that could allow an attacker to manipulate SQL queries and gain administrative control over the forum. The search.php script of the application does not sufficiently sanitize the input of the "searchid" parameter. As a result of this an...

CVE-2003-1216

SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the searchid parameter...

XSS in & path disclosure phpBB forums

Affected versions: Dunno All? Code: http://www.phpbb.com/phpBB/search.php?searchid=3D1'scriptalert/guiler= minator20overload,20vampirun20mugroson/;/script Overview The error is like: ---------------- Could not obtain search results DEBUG MODE SQL Error : 1064 You have an error in your SQL syntax...

sql injection in phpbb

I found a vulnerability en phpbb 2.0.5 and prior, is probably also affect 2.0.6 this bug don't affect to version 2.0.7 phpbb have a list of registereds users, when you click on a memebr of this list, you are requesting data to the database for example:...

phpBB 2.0.x - profile.php SQL Injection

phpBB 2.0.x - profile.php SQL Injection source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the...

phpBB 2.0.x - 'profile.php' SQL Injection

source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlying database. As a result, it is...

phpBB 2.0.6 - URL BBCode HTML Injection

source: https://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulletin board posts or private messages. This...

phpBB 2.0.6 - URL BBCode HTML Injection

phpBB 2.0.6 - URL BBCode HTML Injection source: https://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulleti...

XSS vulnerability in phpBB

Hi, I have found a dangerous vunlerability in phpBB. I've verified that versions 2.0.5 and 2.0.4 AFAIK the two latest versions are affected, but probably more versions are vulnerable. If HTML is enabled for postings, a user can post a link like this: a...

CVE-2003-0486

SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topicid parameter...

CVE-2003-0484

Cross-site scripting XSS vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topicid parameter...

phpBB 2.0.4 Remote php File Include Exploit

No description provided by source. // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include stdio.h include sys/types.h include sys/socket.h include...

phpBB 2.0.4 - PHP Remote File Inclusion

// / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include include include include include int main //The socket stuff struct hostent hp; struct sockaddrin...

phpBB 2.0.4 Remote php File Include Exploit

Exploit for unknown platform in category web applications =========================================== phpBB 2.0.4 Remote php File Include Exploit =========================================== // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by...

phpBB 2.0.4 - PHP Remote File Inclusion

phpBB 2.0.4 - PHP Remote File Inclusion // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include include include include include int main //The socket...

CVE-2003-0484

CVE-2003-0484 is an XSS vulnerability in phpBB's viewtopic.php where an attacker can inject arbitrary script via the topic_id parameter. Affected: phpBB (viewtopic.php); Impact: partial confidentiality, integrity, and availability concerns at the browser level due to script execution. CVSS2 base ...

CVE-2003-0486

SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topicid parameter...

CVE-2003-0486

The CVE covers a SQL injection in phpBB's viewtopic.php (topic_id parameter) affecting phpBB 2.0.5 and earlier. The root cause is improper handling of user-supplied topic_id, enabling an attacker to exfiltrate password hashes. Connectivity details in the provided documents indicate risk of remote...

CVE-2003-0484

Cross-site scripting XSS vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topicid parameter...