CVE-2002-2287

PHP remote file inclusion vulnerability in quickreply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbbrootpath parameter...

CVE-2002-2287

Affected software: phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0. Vulnerability: PHP remote file inclusion via the phpbb_root_path parameter in quick_reply.php. Root cause: improper handling of user-supplied paths allows arbitrary PHP code execution. Impact: remote attackers could execute code ...

CVE-2003-1373

Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. dot dot sequences followed by NULL %00 characters in CGI parameters, as demonstrated using the lang parameter in prefs.php...

CVE-2003-1373

The provided documents describe CVE-2003-1373 as a vulnerability in PhpBB versions 1.4.0 through 1.4.4. The issue is a directory traversal that lets remote attackers read and include arbitrary files via dot-dot sequences followed by NULL (%00) characters in CGI parameters, demonstrated for the la...

CVE-2002-2255

Cross-site scripting XSS vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the searchusername parameter in searchuser mode...

CVE-2002-2255

The CVE-2002-2255 entry describes an XSS vulnerability in phpBB 2.0.3 and possibly earlier versions. The issue enables remote attackers to inject arbitrary web script or HTML via the search_username parameter in the searchuser mode, potentially compromising user sessions or data integrity. Accord...

To the anonymous Phpbb visitor administrator permissions-bug warning-the black bar safety net

Visit a phpbb site, close firefox, double-click the exe, and then browse the site, already has administrator privileges. - the problem also things out in a cookie on | / Paisterist's code was nice but heres mil's version. precompiled: http://www.milw0rm.com/sploits/897.rar Usage: bcc32 897.cpp an...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openidrootpath parameter...

CVE-2007-5173

PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openidrootpath parameter...

CVE-2007-5173

CVE-2007-5173 is a PHP remote file inclusion in phpBB Openid 0.2.0. The flaw resides in includes/openid/Auth/OpenID/BBStore.php where the openid_root_path parameter allows an attacker to cause the inclusion of a remote file and thereby execute arbitrary PHP code. This is triggered via a URL suppl...

CVE-2007-5173

PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openidrootpath parameter...

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln

No description provided by source. ============================================ = = = XORON c 2007 = = = ============================================ = = = phpBB Openid 0.2.0 Remote File Include = = = ============================================ = = Download: =...

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion

+++++++++++++++++++++++++++++++++++++++++++++++++++ + + phpBB Mod OpenID 0.2.0 BBStore.php RFI + Risk: High + Found by Seph1roth + Site: http://blackroots.it + +++++++++++++++++++++++++++++++++++++++++++++++++++ + Vulnerable Script Download:...

PT-2007-6257 · Universibo · Universibo

Name of the Vulnerable Software and Affected Versions: UniversiBO version 1.3.4 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter in the htmls/forum/includes/topic review.php file. This is due to a remote file inclusion...

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln

Exploit for unknown platform in category web applications ============================================================= phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln ============================================================= ============================================ = = =...

phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion

phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion ============================================ = = = XORON c 2007 = = = ============================================ = = = phpBB Openid 0.2.0 Remote File Include = = = ============================================ = = Download: =...

phpBB Mod OpenID 0.2.0 - 'BBStore.php' Remote File Inclusion

============================================ = = = XORON c 2007 = = = ============================================ = = = phpBB Openid 0.2.0 Remote File Include = = = ============================================ = = Download: = http://sourceforge.net/project/showfiles.php?groupid=178846 =...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter to 1 language/langgerman/langadminalbum.php, 2...

CVE-2007-5100

Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter to 1 language/langgerman/langadminalbum.php, 2...

CVE-2007-5100

CVE-2007-5100 describes PHP remote file inclusion in phpBB Plus 1.53 and 1.53a prior to 2007-09-22. The vulnerability occurs when register_globals is enabled and an attacker can craft a URL that sets phpbb_root_path to include arbitrary PHP code via language/lang_german/lang_main_album.php, langu...