cyberbb-sql.txt

Name : cyberBB v. 0.6 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, voo|doo, irk4z, and many, many more... Conditions : Magic quotes gpc = On & Off / User must be logged into source of /showtopic.php : 21. $id=$REQUEST'id'; 22. 23...

TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl $App : TinyPHP forum = 3.6 Remote Command Execution Exploit $Bug : http://tinyphp/profile.php?action=view&uname=../afile%00 $IHST: h4ckerz.com / hackerz.ir / aria-security.net coded By Hessam-x Hessamx -at- Hessamx.net use IO::Socket; use...

PunBB profile.php Multiple Parameter XSS

According to its banner, the version of PunBB installed on the remote host fails to properly sanitize user input to the script 'profile.php' through the 'email' and 'Jabber' parameters. An attacker could exploit this flaw to embed malicious script or HTML code in his profile. Then, whenever someo...

phpBB profile.php Cross Site Scripting Vulnerability

Advisory Name : phpBB profile.php Cross Site Scripting Vulnerability Release Date : Mar 21,2004 Application : phpBB Version : phpBB 2.0.6d or others? Platform : PHP Vendor URL : http://www.phpbb.com/ Author : Cheng Peng Suapplesoupatmsn.com Proof of Conecpt: This vuln is in profile.php,when you...