449 matches found
PunBB 1.x Profile.PHP User Profile Edit Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14195/info PunBB is affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input through the user profile edit module of the 'profile.php' script...
PunBB <= 1.3.4 & Pun_PM <= 1.2.6 - Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl 0-Day PunBB = 1.3. Package: PunPM = v1.2.6 Remote Blind SQL Injection Exploit Author/s: Dante90, WaRWolFz Crew Created: 2009.07.30 after 0 days the bug was discovered. Crew Members: 4lasthor, Andryxxx, Cod3, Gho5t, HeRtZ, N.o.3.X, RingZero,...
PunBB <= 1.2.14 Remote Code Execution Exploit
No description provided by source...
Nucleus CMS 3.0,Blog:CMS 3,PunBB 1.x Common.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10760/info Nucleus CMS, Blog:CMS, and PunBB are vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable computer...
PunBB 1.x SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20786/info PunBB is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to execute arbitrary script code in the context of...
PunBB <= 1.2.16 - Blind Password Recovery Exploit
No description provided by source. ?php / Original : http://sektioneins.de/advisories/SE-2008-01.txt Thanks to Stefan Esser, here's the exploit. Team : EpiBite firefox, petit-poney, thot Nous tenons a remercier nos mamans et papas respectifs. Let's get a fu coffee ! / // conf define'URL',...
PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl =about PunBB PunPortal 0.1 Local File Inclusion Exploit -------------------------------------------------- by athos - stakerathotmaildotit download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org register globals = 1...
PunBB Extension Vote For Us <= 1.0.1 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl 0-Day PunBB VoteForUs.php OUT Mod = v1.0.1 Remote Blind SQL Injection Exploit Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew Download: http://www.punres.org/desc.php?pid=378 use strict; use LWP::UserAgent; use...
CVE-2011-3371
Multiple cross-site scripting XSS vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 formsent, 3 csrftoken, 4 reqconfirm, or 5 delete parameter to delete.php, the 6 id, 7 formsent, 8 csrftoken, 9 reqmessage,...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 formsent, 3 csrftoken, 4 reqconfirm, or 5 delete parameter to delete.php, the 6 id, 7 formsent, 8 csrftoken, 9 reqmessage,...
CVE-2011-3371
Multiple cross-site scripting XSS vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 formsent, 3 csrftoken, 4 reqconfirm, or 5 delete parameter to delete.php, the 6 id, 7 formsent, 8 csrftoken, 9 reqmessage,...
CVE-2011-3371
PunBB 1.3.6 fixes multiple stored/ reflected cross-site scripting vulnerabilities in include/functions.php. The issue affects PunBB prior to 1.3.6, where unvalidated values in many parameters (eg. id, form_sent, csrf_token, req_* fields, action, email, timezone, etc.) passed to delete.php, edit.p...
PunBB <= 1.3.6 'browse.php' Cross-Site Scripting Vulnerability
PunBB 1.3.6 'browse.php' Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/49776/info PunBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue t...
PunBB 1.3.6 bug
Islamic Republic Of Iran Security Team Www.IrIsT.Ir PunBB == 1.3.6 Cross-Site Scripting Vulnerabilities Download......: http://punbb.informer.com/downloads.php1.3.6 Bug Found.....: IrIsT™...
PunBB PHP Forum 1.3.5 Cross Site Scripting
No description provided by source. Affected Software : PunBB PHP Forum Severity : Medium Local/Remote : Remote Author : @drk1wi Summary Just for those whom it might concern. These vulnerabilities have been identified for the latest clean version 1.3.5 during one of my penetration tests...
PunBB PHP Forum 1.3.5 Cross Site Scripting
======================================================================= PunBB PHP Forum - Multiple XSS ======================================================================= Affected Software : PunBB PHP Forum Severity : Medium Local/Remote : Remote Author : @drk1wi Summary Just for those whom i...
PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/49660/info PunBB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49660/info PunBB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Punbb 1.3.4 Full Path Disclosure Vulnerability
Exploit for php platform in category web applications ============================================== Punbb 1.3.4 Full Path Disclosure Vulnerability ============================================== Exploit Title: Punbb 1.3.4 Full Path Disclosure Date: 07/11/2010 Author: SYSTEMOVERIDE, OverSecurityCr...
Punbb 1.3.4 - Multiple Full Path Disclosures
Exploit Title: Punbb 1.3.4 Full Path Disclosure Date: 07/11/2010 Author: SYSTEMOVERIDE, OverSecurityCrew Software Link: http://punbb.informer.com/ Vulnerability Type: Full Path Disclosure Version: 1.3.4 Vulnerability Details: The vulnerabilities are in the file and the file /search.php,...