PHPBB 2.0.13 DLMan Pro Module SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

phpBB <= 2.0.12 Change User Rights Authentication Bypass

No description provided by source. !/usr/bin/perl -w phpBB =2.0.12 session autologin exploit This script uses the vulerability in autologinid variable More: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=267563 Just gives an user on vulnerable forum administrator rights. You should register the...

phpBB <= 2.0.18 Remote XSS Cookie Disclosure Exploit

No description provided by source. / phpBB = 2.0.18 XSS Cookie Disclosure Proof of Concept -- 'the html is on exploit' original exploit by: cXIb8O3 - 12/16/2005 proof of concept by: jet -- http://jet.carbon-4.net/ develop a pure, lucid mind, not depending upon sound, flavor, touch, odor, or any...

phpBB 1.x Page Header Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with the phpBB system t...

phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)

No description provided by source. !/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-paramatak; $serv = $CGI-paramserv; $dir = $CGI-paramdir; $topic = $CGI-paramtopic; $cmd = $CGI-paramcmd; print...

PHPBB 2.0.6 URL BBCode HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulletin boar...

Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities

No description provided by source. Fully Modded phpBB 2 Remote File Include PHPBB Exploit 2 Source Code: http://phpbbfm.net/support/indexfm.php http://kent.dl.sourceforge.net/sourceforge/phpbbfm/FM2021-4-40.tar.gz Vulnerable Code: include'includes/common.php'; $phpbbrootpath = $foingrootpath...

phpBB Import Tools Mod <= 0.1.4 - Remote File Include Vulnerability

No description provided by source. Title: phpBB Import Tools Mod = 0.1.4 phpbbrootpath Remote File Inclusion Author/Discovery: boecke Vulnerability Type: Remote File Inclusion Risk: High Risk Software Affected: phpBB Import Tools Mod = 0.1.4 Literally shouts to: str0ke and henrik Don't promote...

phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit

No description provided by source. !/usr/bin/perl phpBB = 2.0.17 remote command execution exploit need for work: 1. PHP 5 5.0.5 2. registerglobals=On 3. magicquotes off ------------------------------------------------ coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru 03.11.05 use...

phpBB 2.0.5 - SQL Injection password disclosure Exploit

No description provided by source. !/usr/bin/perl -w phpBB password disclosure vuln. - rick patel There is a sql injection vuln which exists in /viewtopic.php file. The variable is $topicid which gets passed directly to sql server in query. Attacker could pass a special sql string which can used ...

pafileDB <= 2.0.1 (mxBB/phpBB) Remote File Inclusion Vulnerability

No description provided by source. PafileDB Remote File InclusionphpBB Contact : irc.gigachat.net ir4dex & [email protected] Risk : High Class : Remote Script : pafileDB Version : not specified --------------------------------------------------------------------- Vulnerable code :...

phpBB 2.0.3 privmsg.php SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6634/info A SQL injection vulnerability has been reported for phpBB2 systems that may result in the deletion of all private messages. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used...

phpBB Insert User Mod <= 0.1.2 - Remote File Include Exploit

No description provided by source. !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip...

PHPBB 2.0.x Profile.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Phpbb Forum Denial of Service Vulnerability

!/usr/bin/perl @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@@ @@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@...

phpBB remote denial of service vulnerability-vulnerability warning-the black bar safety net

phpBB remote denial of service vulnerability Vulnerability version: phpBB phpBB 3.0.8 phpBB phpBB 3.0.7 phpBB phpBB 3.0.6 phpBB phpBB 3.0.5 phpBB phpBB 3.0.4 phpBB phpBB 3.0.3 phpBB phpBB 3.0.2 phpBB phpBB 3.0.1 phpBB phpBB 3.0 phpBB phpBB 2.0.21 phpBB phpBB 2.0.19 phpBB phpBB 2.0.17 phpBB phpBB...

PhpBB viewtopic.php URL Decoding Code Execution - Ver2 (CVE-2004-1315)

A code execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

phpBB远程拒绝服务漏洞

Bugtraq ID:65481 phpBB是phpBB组开发的一套开源的使用PHP语言开发的Web论坛软件。该软件具有支持多国语言、支持多种数据库和自定义版面设计等特点。 phpBB中存在远程拒绝服务漏洞。攻击者可利用该漏洞造成受影响应用程序崩溃，拒绝服务合法用户。 0 phpBB phpBB 3.0.8 phpBB phpBB 3.0.7 phpBB phpBB 3.0.6 phpBB phpBB 3.0.5 phpBB phpBB 3.0.4 phpBB phpBB 3.0.3 phpBB phpBB 3.0.2 phpBB phpBB 3.0.1 phpBB phpBB 3.0...

phpBB 3.0.8 - Remote Denial of Service

phpBB 3.0.8 - Remote Denial of Service source: https://www.securityfocus.com/bid/65481/info phpBB is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Phpbb Forum Denial of Service...