PHP classical bugs in phpBB allows remote code execution
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
PHP classical bugs in phpBB allows remote code execution
updated since 12.08.2001
Published:
28.05.2002
Source:
BUGTRAQ
SecurityVulns ID:
1383
Type:
remote
Level:
5
/10
Description:
Uninitialized PHP variables and ability to modify SQL query allow to execute code on server. Crossite scripting. Invalid NULL-byte handling leads to DoS.
Affected:
PHPBB
:
phpBB 1.4
PHPBB
:
phpBB 2.0
Original document
Martijn Boerwinkel
,
Cross Site Scripting Vulnerability in phpBB2's [IMG] tag and remote avatar
(
28.05.2002
)
Whitecell Security Systems
,
(WSS-Advisories-02003) PHPBB BBcode Process Vulnerability
(
04.04.2002
)
Florian Hobelsberger / BlueScreen
,
[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability
(
28.03.2002
)
nullbyte
,
phpBB2 remote execution command
(
20.03.2002
)
Konrad Rieck
,
phpBB 1.4.2, Remote user is able to modify SQL query.
(
09.10.2001
)
kill-9_(at)_modernhackers.com
,
phpBB 1.4.0 bug leads to easy admin privileges
(
12.08.2001
)
kill-9_(at)_modernhackers.com
,
Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below
(
12.08.2001
)
Files:
phpBB2 remote execution command
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
