CVE-2007-6624

Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the phpEx parameter...

CVE-2007-6624

The CVE-2007-6624 issue is a directory traversal/local file inclusion vulnerability in PNphpBB2 1.2i and earlier, exploitable via a .. in the phpEx parameter of printview.php. The active impact is indicated as partial confidentiality, integrity, and availability (CVSS v2 base score 6.8). The vuln...

pnphpbb2-lfi.txt

.-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | | inurl:"index.php?name=PNphpBB2" | | | | author:...

PNphpBB2 'printview.php'本地文件包含漏洞

BUGTRAQ ID: 27039 CNCAN ID:CNCAN-2007122805 PNphpBB2是一款基于PHP的WEB应用程序。 PNphpBB2不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'printview.php'脚本对用户提交的'phpEx'参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB权限查看系统文件内容。 PNphpBB2 1.2.0 i 厂商解决方案 ------------ 目前没有解决方案提供： http://www.pnphpbb.com/...

PNphpBB2 <= 1.2i (printview.php phpEx) Local File Inclusion Vuln

No description provided by source. .-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | |...

PNphpBB2 <= 1.2i (printview.php phpEx) Local File Inclusion Vuln

Exploit for unknown platform in category web applications ================================================================ PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln ================================================================...

PNPHPBB2 1.2i - PHPEx Local File Inclusion

PNPHPBB2 1.2i - PHPEx Local File Inclusion .-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | |...

PNPHPBB2 &lt; 1.2i - &#039;PHPEx&#039; Local File Inclusion

.-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | | inurl:"index.php?name=PNphpBB2" | | | | author:...

pnphpbb2view-sql.txt

/ i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with PNphpBB2 1.2i and MySQL 5.0.42 Maybe with other...

Sql injection

SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote attackers to execute arbitrary SQL commands via the order parameter...

CVE-2007-3584

SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote attackers to execute arbitrary SQL commands via the order parameter...

CVE-2007-3584

SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote attackers to execute arbitrary SQL commands via the order parameter...

CVE-2007-3584

The CVE-2007-3584 issue affects PNphpBB2 1.2i and earlier used with Postnuke, where the viewforum.php component is vulnerable to SQL injection via the order parameter. The underlying cause is improper input handling in the viewforum.php code, enabling remote attackers to craft SQL statements and ...

PNphpBB2 &lt;= 1.2i viewforum.php Remote SQL Injection Exploit

No description provided by source. / i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 = 1.2i current last version i Bug discovered by: Coloss i Exploit by: Coloss i Date: 03.07.2007 Notes - You need at least 2 posts in the forum. - Thank...

PNPHPBB2 &lt; 1.2i - &#039;viewforum.php&#039; SQL Injection

/ i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with PNphpBB2 1.2i and MySQL 5.0.42 Maybe with other...

PNPHPBB2 1.2i - viewforum.php SQL Injection

PNPHPBB2 1.2i - viewforum.php SQL Injection / i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with...

PNphpBB2 <= 1.2i viewforum.php Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with PNphpBB2 1.2i and MySQL 5.0.42...

PostNuke PNPHPBB2 Module Index.PHP SQL注入漏洞

PNphpBB是一款基于PHP的WEB应用程序。 PNphpBB不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Index.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 PNphpBB PNphpBB 1.2 g PNphpBB PNphpBB 1.2 f PNphpBB PNphpBB 1.2 目前没有解决方案提供： http://www.pnphpbb.com/modules.php?op=modload&name=ForumNews&file=index...

Sql injection

SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter...

CVE-2007-3052

SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter...