CVE-2004-1315

This Perl script exploits a remote command execution vulnerability in phpBB versions up to 2.0.10 by injecting malicious commands via the 'highlight' parameter in the viewtopic.php script. It URL-encodes the payload and sends it via an HTTP GET request to execute arbitrary commands on the target server.

This exploit leverages a PHP script injection vulnerability in phpBB's 'viewtopic.php' by manipulating URI parameters to execute arbitrary commands. It encodes the payload in hexadecimal to bypass sanitization and injects a 'passthru' function call.

This exploit leverages a blind SQL injection vulnerability in PHP-Nuke 7.0/8.1/8.1.35 to extract sensitive information such as MD5/SHA1 hashes and arbitrary strings from the database. It bypasses protections like AppArmor and Suhosin Hardened-PHP by using a custom LFI+SQLI attack.

This Metasploit module exploits a PHP code injection vulnerability in phpBB's viewtopic.php via the 'highlight' parameter, leveraging improper input validation in preg_replace(). It supports multiple versions and automatically detects the appropriate exploit method.