2176 matches found
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
No description provided by source. // Original Author: 'Sjaak Rake' Ref: http://www.hackthissite.org/articles/read/175/ ?php $cookie = $GET'c'; $ip = getenv 'REMOTEADDR'; $date=datej F, Y, g:i a; $referer=getenv 'HTTPREFERER'; $fp = fopen'cookies.txt', 'a'; fwrite$fp, 'Cookie: '.$cookie.'br IP: '...
phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code)
No description provided by source...
phpBB PJIRC Module 0.5 - 'irc.php' Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28446/info The PJIRC module for phpBB is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings ...
phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28708/info Fishing Cat Portal Addon for phpBB is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the...
PHPBB Photo Album 2.0.53 Module Album_Cat.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13157/info Photo Album is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Advanced GuestBook 2.3.1 Admin.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20902/info Advanced GuestBook for phpBB is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability
No description provided by source. Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB', true; //$phpbbrootpa...
phpBB 3 (autopost bot mod <= 0.1.3) Remote File Include Vulnerability
No description provided by source. phpBB 3 autopost bot mod = 0.1.3 Remote File Include Vulnerability Vulnerability author: Kacper Greetz: all DEVIL TEAM forum members. Author Website: http://devilteam.pl/ http://polskihacking.pl/ Mod Description: This mod automatically post content from RSS feed...
PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6173/info The phpBB Advanced Quick Reply Hack is prone to an issue which may allow attackers to include arbitrary files from a remote server. It is possible for remote attackers to influence the include path for...
phpBB XS <= 0.58 (functions.php) Remote File Include Vulnerability
No description provided by source. Author: AzzCoder Vendor: http://www.phpbbxs.eu/ Vulnerable File: includes/functions.php Vulnerable Code: //The phpbbrootpath isn't initialize includeonce $phpbbrootpath . './includes/functionscategorieshierarchy.' . $phpEx ; Method To Use:...
PHPBB 2.0.x Profile.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
phpBB 2.0.3 privmsg.php SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6634/info A SQL injection vulnerability has been reported for phpBB2 systems that may result in the deletion of all private messages. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used...
PHPBB 2.0.x Authentication Bypass Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/12678/info phpBB is affected by an authentication bypass vulnerability. This issue is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would...
maluinfo <= 206.2.38 (bb_usage_stats.php) Remote File Include Exploit
No description provided by source. !/usr/bin/perl maluinfo 206.2.38 brazilian PHPBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high...
phpBB 1.4 - Remote SQL Query Manipulation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3142/info phpBB is free, open-source, easy-to-use web forums software. An issue exists in phpBB which allows a remote attacker to manipulate SQL queries in such a way as to gain an administrative account with the service...
pafileDB <= 2.0.1 (mxBB/phpBB) Remote File Inclusion Vulnerability
No description provided by source. PafileDB Remote File InclusionphpBB Contact : irc.gigachat.net ir4dex & [email protected] Risk : High Class : Remote Script : pafileDB Version : not specified --------------------------------------------------------------------- Vulnerable code :...
PHPOpenChat 2.3.4/3.0.1 PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the...
Blend Portal <= 1.2.0 (phpBB Mod) Remote File Inclusion Vulnerability
No description provided by source. Blend Portal = 1.2.0 for phpBB 2.x Remote File Inclusion Vulnerabilities Contacts ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on Blend Portal = 1.2.0 for phpBB 2.x Original advisory can be found at:...
TopList <= 1.3.8 (phpBB Hack) Remote Inclusion Exploit
No description provided by source. TopList Hack for PHPBB = 1.3.8 Remote File Inclusion Based on http://milw0rm.com/exploits/1722 Bug found by : Oo No more uploading php shells !!! This is my way of php include exploitation !!! Learn to play with sockets !!! FOXMULDER [email protected]...
phpBB Insert User Mod <= 0.1.2 - Remote File Include Exploit
No description provided by source. !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip...