Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.


Welcome to AstaHost - Dear Guest , Please Register here to get Your own website. - Ask a Question / Express Opinion / Reply w/o Sign-Up!

Toggle shoutbox Shoutbox

@ agyat	:	(23 May 2013 - 01:23 AM) Wow! Mr. Sb Back Home.
@ OpaQue	:	(23 May 2013 - 12:44 AM) Ting
@ OpaQue	:	(24 April 2013 - 02:44 PM) I guess, Time to run Mycent script.
@ OpaQue	:	(24 April 2013 - 02:43 PM) wow.. not much spam. except habatt posting lot of links..
@ yordan	:	(23 April 2013 - 01:04 PM) You're welcome, agyat. Nice to have been helpful. Second lesson: try full words, "you" instead of "EW".
@ agyat	:	(23 April 2013 - 05:03 AM) @YORDAN: tHANK EW FOR YOUR FIRST LESSON.
@ yordan	:	(22 April 2013 - 09:43 PM) @agyat : "why don't you help me", or "please help me", or "please teach us"
@ yordan	:	(22 April 2013 - 09:42 PM) welcome back, velma
@ velma	:	(22 April 2013 - 07:51 AM) yawns Good to be back, wonder what is going on here
@ agyat	:	(22 April 2013 - 03:50 AM) Oh! so, why don't help me learn english..
@ yordan	:	(21 April 2013 - 08:38 PM) The goal mentioned by shiu : "learning english, learning computer"
@ agyat	:	(21 April 2013 - 06:31 PM) WHAT GOAL?
@ yordan	:	(20 April 2013 - 10:39 AM) yes, that's our goal. simultaneouly learning English and teaching/learning computer using.
@ shiyu	:	(20 April 2013 - 07:30 AM) learning english,learning computer
@ yordan	:	(19 April 2013 - 01:11 PM) Oh, I see, it's just a trick in order to force people looking at your texte. Somehow smart, maybe.
@ agyat	:	(19 April 2013 - 02:54 AM) And of course I know it is not SEO friendly.
@ agyat	:	(19 April 2013 - 02:52 AM) There may be two possible answers for that .... 1) Shout was posted using mobile keypad. 2) To force people read content carefully and/or with more concentration.
@ agyat	:	(19 April 2013 - 02:49 AM) There may be two possible answers for that ....
@ yordan	:	(18 April 2013 - 09:35 PM) however, why this mixing of capital letters in the middle of your text?
@ agyat	:	(18 April 2013 - 11:10 AM) false feelings.

Replying to Avoid Phpbb! New Security Exploit!

Post Options

Enable emoticons?

Enter Your Name

Security Check *

[quote name="Niru" post="87794" timestamp="1159027671"] Hope, the phpBB team will come up with a solution to avoid these SQL injection attacks! I'm also using phpbb for my forum! like it very much as it is the simplest forum and easy to maintain than any other bullettin boards! I like the simple interface also! [img]http://www.astahost.com/public/style_emoticons/#EMO_DIR#/rolleyes.gif[/img] You can see more about that [url="http://www.imperva.com/application_defense_center/glossary/sql_injection.html"]here[/url], [url="http://www.unixwiz.net/techtips/sql-injection.html"]here[/url] and also [url="http://www.securiteam.com/securityreviews/5DP0N1P76E.html"]here[/url] How to avoid SQL Injection >> Read it [url="http://www.sqlmag.com/Article/ArticleID/46379/sql_server_46379.html"]here[/url] & [url="http://www.securephpwiki.com/index.php/SQL_Injection"]here[/url][/quote] [quote name="Niru" post="87794" timestamp="1159027671"] Hope, the phpBB team will come up with a solution to avoid these SQL injection attacks! I'm also using phpbb for my forum! like it very much as it is the simplest forum and easy to maintain than any other bullettin boards! I like the simple interface also! [img]http://www.astahost.com/public/style_emoticons/#EMO_DIR#/rolleyes.gif[/img] You can see more about that [url="http://www.imperva.com/application_defense_center/glossary/sql_injection.html"]here[/url], [url="http://www.unixwiz.net/techtips/sql-injection.html"]here[/url] and also [url="http://www.securiteam.com/securityreviews/5DP0N1P76E.html"]here[/url] How to avoid SQL Injection >> Read it [url="http://www.sqlmag.com/Article/ArticleID/46379/sql_server_46379.html"]here[/url] & [url="http://www.securephpwiki.com/index.php/SQL_Injection"]here[/url][/quote]

or Cancel

Topic Summary

i never knew that phpbb wasnt very secure.
I've just uploaded it for my site a couple of days ago.
I'm NOT ever using SMF, i really hate smf.
I might get rid of phpbb and use xmb, xmb is definately my favourite free forum around, i really love it.

WeaponX

Posted 13 June 2007 - 01:24 AM

The problem with phpBB is that they sort of have a bad reputation for keeping up to date with their security issues....at least from what I read from other phpBB users. SMF is usually really quick on the trigger and the patches are deployed and installed usually with just two clicks or so.

diyar

Posted 13 June 2007 - 12:07 AM

I would recommend you to stay with SMF because hardly anyone is using PhpBB 3 and we dont know if it has any security issues but i'm sure its going to be much safer than PhpBB2!!

I'll say stick with SMF <_<

tyƒoon™

Posted 13 June 2007 - 12:01 AM

So can you still do that same hack on phpBB3 or not?

i'm kinda dubble sided as to what software i should use for my new forums. I have both experiences with phpBB and SMF. I was considering phpBB3 now so my new forums. Does anyone want to back phpBB3 or still reccomend me to go for SMF?

diyar

Posted 12 June 2007 - 11:48 PM

It Happened to me as well <_<

My phpbb forum site was hacked too!! I believe the security problem is sorted out in phpbb 3!!!

I would recommend people to avoid using phpbb 2 as well!!!

Regards

lifetalk

Posted 09 June 2007 - 02:05 PM

I've been thru a similar situation. Basically, i guess the hacker managed to get into my hosting account. Messed with my SQL database, and then, each time i loaded the forum, it redirected to his page where he left his mark. Sad.

I've learnt my lesson too. And now, i use vBulletin, far more secure. Way secure!

ethergeek

Posted 27 April 2007 - 09:44 PM

I just recently switched my forums from phpbb3 to the latest SMF. I didn't have many posts on it anyway, so I figured I'd try it out. Everyone I've asked ranks SMF 3rd behind vB and IPB, so I figured it was worth a shot.

Anyway, I'm having fun with SMF so far; everything is easier with it, and there's alot of features that work out of the box with SMF that I have to spend a few hours modding phpbb to get. I may try phpbb3 again when there are some decent mods out for it, but until then, I'm sticking with SMF.

HellFire121

Posted 25 April 2007 - 11:47 AM

I've always stood away from phpBB, even its lightweight feature list is enough for me.
All the sites you see that have been hacked have most likely used phpBB, there are quite a few alternatives and i'd say any of them would be better than phpBB.

You can go here: http://www.opensourcecms.com and check out the forum demos on the site.

-HellFire

WeaponX

Posted 24 April 2007 - 12:46 PM

owwhh....i was wondering to used phpbb...is it really that this script so easy to stole...... can anyone give me a script that really safe for my new coming forum...)

It's not about the script being stolen or anything like that, it's about being exploited due to the security holes it has. The developers at phpBB need to patch up these exploits as quickly as they can. The last time I read up about this, they weren't quick on their part...so I guess many had problems already.

If you want a "good" forum, try out Simple Machines Forum at:

http://www.simplemachines.org

They usually patch up the security holes very quickly...sometimes even before it's known to the public (lots of forum testers

mnur183

Posted 24 April 2007 - 07:29 AM

owwhh....i was wondering to used phpbb...is it really that this script so easy to stole...... can anyone give me a script that really safe for my new coming forum... :ph34r:

)

Review the complete topic (launches new window)