CVE-2006-0450. phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.

Parcer0/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities

[N]eo [S]ecurity [T]eam [NST]® - Advisory #15 - 00/00/06

Program: phpBB 2.0.15

Homepage: http://www.phpbb.com

Vulnerable Versions: phpBB 2.0.15 & Lower versions

Risk: High Risk!!

Impact: Multiple DoS Vulnerabilities.


  • Description

phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites.

  • Tested

localhost & many forums

  • Exploitation

profile.php << By registering as many users as you can.

search.php << by searching in a way that the db couldn't observe it.

CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0450
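
For defenders reviewing web server logs, the following is an added detection example (not part of the NST advisory or this repository) that flags clients sending request bursts to the two scripts named above. The log format (common/combined), the thresholds, and the use of POSTs to profile.php as a proxy for registration attempts are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed Apache/nginx common log format prefix; adjust for your server.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
# Scripts named in the advisory -> (method to count, max hits per window).
# Thresholds are illustrative assumptions; tune them to normal forum traffic.
WATCHED = {"profile.php": ("POST", 5), "search.php": (None, 20)}
WINDOW = timedelta(seconds=60)

def find_floods(lines, window=WINDOW, watched=WATCHED):
    """Return sorted (ip, script) pairs that exceed the per-window threshold."""
    recent = defaultdict(deque)  # (ip, script) -> timestamps still in window
    flagged = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        script = m["path"].split("?", 1)[0].rsplit("/", 1)[-1]
        rule = watched.get(script)
        if rule is None:
            continue
        method, limit = rule
        if method and m["method"] != method:
            continue  # e.g. GETs to profile.php are ordinary profile views
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[(m["ip"], script)]
        hits.append(ts)
        while ts - hits[0] > window:  # drop hits older than the window
            hits.popleft()
        if len(hits) > limit:
            flagged.add((m["ip"], script))
    return sorted(flagged)

def sample_lines():
    """Constructed log lines (documentation-range IPs), not real traffic."""
    fmt = '{ip} - - [10/Jan/2006:12:00:{s:02d} +0000] "{m} /forum/{p} HTTP/1.1" 200 512'
    out = [fmt.format(ip="203.0.113.7", s=s, m="POST", p="profile.php") for s in range(0, 16, 2)]
    out += [fmt.format(ip="192.0.2.9", s=s, m="GET", p="profile.php") for s in range(10)]
    out += [fmt.format(ip="198.51.100.4", s=s, m="GET", p="search.php") for s in range(3)]
    return out

if __name__ == "__main__":
    print(find_floods(sample_lines()))
```

A flagged pair is a candidate for per-IP rate limiting or a registration CAPTCHA in front of the affected script.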
