XSS Exploit In phpBB viewtopic.php
XSS Exploit In phpBB viewtopic.php A: BACKGROUND from phpbb.com phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP...
phpBB password disclosure by sql injection
Hi. There is a sql injection vuln in phpBB. The variable "topicid" is passed directly from GET to sql query in /viewtopic.php. It can be used to get md5 passwords for users. I am attaching details and proof of concept code. I've only tested this on mysql 4 and pgsql at my home machines so I might ha...
phpBB 2.0.5 SQL Injection password disclosure Exploit
Exploit for unknown platform in category web applications. phpBB 2.0.5 SQL Injection password disclosure Exploit !/usr/bin/perl -w phpBB password disclosure vuln. - rick patel There is a sql...
phpBB 2.0.5 SQL Injection password disclosure Exploit
No description provided by source. !/usr/bin/perl -w phpBB password disclosure vuln. - rick patel There is a sql injection vuln which exists in /viewtopic.php file. The variable is $topicid which gets passed directly to sql server in query. Attacker could pass a special sql string which can used ...
phpBB 2.0.5 - SQL Injection Password Disclosure
phpBB 2.0.5 - SQL Injection Password Disclosure !/usr/bin/perl -w phpBB password disclosure vuln. - rick patel There is a sql injection vuln which exists in /viewtopic.php file. The variable is $topicid which gets passed directly to sql server in query. Attacker could pass a special sql string...
phpBB 2.0.5 - SQL Injection Password Disclosure
!/usr/bin/perl -w phpBB password disclosure vuln. - rick patel There is a sql injection vuln which exists in /viewtopic.php file. The variable is $topicid which gets passed directly to sql server in query. Attacker could pass a special sql string which can used to see md5 password hash for any us...
phpBB viewtopic.php topic_id Parameter SQL Injection
There is a flaw in the version of phpBB hosted on the remote web server that may allow anyone to inject arbitrary SQL commands, which could in turn be used to gain administrative access on the remote host or to obtain the MD5 hash of the password of any user.
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter...
CVE-2002-0473
CVE-2002-0473 : The vulnerability affects db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier. The phpbb_root_path parameter enables remote attackers to execute arbitrary code from remote servers. This is a remote code execution issue in phpBB2 prior to the fixed version; no exploit details are pro...
CVE-2002-1537
adminugauth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling adminugauth.php with modified form fields such as "u"...
phpBB Security Bugs
phpBB Security Bugs 2-18-2003 http://CGIshield.com Security Issue in phpBB 2.0,2.01, 2.02 Fixed in 2.03 phpBB, the most popular open source bulletin board software on the net, is vulnerable to a remotely exploitable SQL injection bug which allows stealing an administrator's password hash. With th...
phpBB SQL Injection vulnerability
phpBB SQL Injection vulnerability PROGRAM: phpBB VENDOR: phpBB Group HOMEPAGE: http://www.phpbb.com/ VULNERABLE VERSIONS: 2.0.3, possibly others IMMUNE VERSIONS: 2.0.4 LOGIN REQUIRED: yes DESCRIPTION: "phpBB is a UBB-style discussion board written in PHP backended by a MySQL database. It includes...
phpBB 2.0.3 - 'privmsg.php' SQL Injection
source: https://www.securityfocus.com/bid/6634/info A SQL injection vulnerability has been reported for phpBB2 systems that may result in the deletion of all private messages. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries to...
CVE-2002-2255
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the searchusername parameter in searchuser mode...
CVE-2002-1894
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
CVE-2002-2287
PHP remote file inclusion vulnerability in quickreply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter...
CVE-2002-1707
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbbrootdir parameter to reference a URL on a remote web server that contains the code...
CVE-2002-2346
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses...
Cross-site Scripting Vulnerability in phpBB 2.0.3
Hello : here is the code ---------------- html body form method="post" name="search" action="http://target/search.php?mode=searchuser" input type="hidden" name="searchusername" value=""/ /form SCRIPT...
phpBB 2.0.3 - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6311/info phpBB is vulnerable to cross site scripting attacks. This is due to insufficient sanitization of user-supplied input. The problem is located in the search.php script. This issue may be exploited by an attacker to steal a legitimate users...