Published: 12/11/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 770

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

viewtopic.php in phpBB 2.x prior to 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote malicious users to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpbb group phpbb 1.2.0
phpbb group phpbb 1.2.1
phpbb group phpbb 2.0.10
phpbb group phpbb 2.0.2
phpbb group phpbb 2.0.3
phpbb group phpbb 2.0.7a
phpbb group phpbb 2.0.8
phpbb group phpbb 2.0_rc4
phpbb group phpbb
phpbb group phpbb 1.4.2
phpbb group phpbb 1.4.4
phpbb group phpbb 2.0.6
phpbb group phpbb 2.0.6c
phpbb group phpbb 2.0_beta1
phpbb group phpbb 2.0_rc1
phpbb group phpbb 1.4.0
phpbb group phpbb 1.4.1
phpbb group phpbb 2.0.4
phpbb group phpbb 2.0.5
phpbb group phpbb 2.0.8a
phpbb group phpbb 2.0.9
phpbb group phpbb 1.0.0
phpbb group phpbb 1.0.1
phpbb group phpbb 2.0.0
phpbb group phpbb 2.0.1
phpbb group phpbb 2.0.6d
phpbb group phpbb 2.0.7
phpbb group phpbb 2.0_rc2
phpbb group phpbb 2.0_rc3

PHP-Nuke versions 70, 81 and 8135 wormable remote code execution exploit ...

## # $Id: phpbb_highlightrb 9671 2010-07-03 06:21:31Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

#!/usr/bin/perl use IO::Socket; ## @@@@@@@ @@@ @@@ @@@@@@ @@@ @@@ ## @@! @@@ @@! @@@ !@@ @@! @@@ ## @!@!!@! @!@ !@! !@@!! @!@!@!@! ## !!: :!! !!: !!! !:! !!: !!! ## : : : ::: : ::: : : : : ## ## phpBB ...

source: wwwsecurityfocuscom/bid/10701/info The 'viewtopicphp' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamically generated web pages Exploiting this issue may allow a remote attacker to execute ar ...

#!/usr/bin/php <?php /******************************************************************************* Wormable Remote Code Execution in PHP-Nuke 70/81/8135(newist as of release) Vendor's Website:phpnukeorg/ Secuirty Researcher: Michael Brooks (sitewatch) Original Advisory: blogsitewatch/2010/05/vulnerabilities-in-ph ...

NVD-CWE-Other http://www.phpbb.com/phpBB/viewtopic.php?t=240513 http://www.us-cert.gov/cas/techalerts/TA04-356A.html http://www.kb.cert.org/vuls/id/497400 http://secunia.com/advisories/13239/http://www.securityfocus.com/archive/1/385208 http://www.securityfocus.com/bid/10701 http://marc.info/?l=bugtraq&m=110365752909029&w=2 http://marc.info/?t=110079440800004&r=1&w=2 http://marc.info/?l=bugtraq&m=110029415208724&w=2 https://security.gentoo.org/glsa/200411-32 https://exchange.xforce.ibmcloud.com/vulnerabilities/18052 https://nvd.nist.gov https://packetstormsecurity.com/files/89190/PHP-Nuke-7.0-8.1-8.1.35-Wormable-Remote-Code-Execution.html https://www.exploit-db.com/exploits/16890/

CVE-2004-1315

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect