Welcome Guest ( Log In | Register )



 
 Reply to this topicStart new topic
> phpBB avatar_path PHP Code Execution Vulnerability
ne0
post Dec 31 2006, 08:41 PM
Post #1


Newbie [ Level 2 ]
Group Icon

Group: Members
Posts: 14
Joined: 30-December 06
Member No.: 18,945
QUOTE
The phpBB application is prone to an arbitrary PHP code-execution vulnerability.

If successful, attackers can execute script code with the privileges of the webserver process.


QUOTE
Vulnerable:
phpBB phpBB 2.0.21
phpBB phpBB 2.0.20
phpBB phpBB 2.0.18

Not Vulnerable:
phpBB phpBB 2.0.22


So , upgrade to phpBB phpBB 2.0.22 .
Go to the top of the page
 
+Quote Post
toby
post Jan 1 2007, 10:02 AM
Post #2


Premium Member
Group Icon

Group: Members
Posts: 489
Joined: 29-September 06
Member No.: 16,228
I think I know the site that will explain it, but thanks for pointing it out in such a common program tongue.gif.
Go to the top of the page
 
+Quote Post
Blaster
post Jan 31 2007, 05:55 PM
Post #3


Newbie [ Level 1 ]
Group Icon

Group: Banned
Posts: 7
Joined: 31-January 07
Member No.: 20,076
are you sure? phpbb has never let me down and the avatar path seems secure on .18 to me.
Go to the top of the page
 
+Quote Post
pyost
post Jan 31 2007, 09:28 PM
Post #4


Nenad Bozidarevic
Group Icon

Group: [MODERATOR]
Posts: 1,002
Joined: 7-November 05
From: Belgrade, Serbia
Member No.: 9,500
Obviously, no one has tried to hack your board. If it were the oposite, your message would already be down - phpBB is well-known for its security issues.
Go to the top of the page
 
+Quote Post
« Next Oldest · Security issues & Exploits · Next Newest »
 

Fast ReplyReply to this topicStart new topic

Collapse

> Similar Topics

Topics Topics
  1. Vulnerability Was Found In All Major Browsers(20)
  2. Microsoft Confirms Code Execution Hole In Ie(4)
  3. Another Exploit In Phpbb 2.0.17(7)
  4. Ms Sec. Advisory: Flash Player 7 Vulnerability(1)
  5. Hackers Publish Code For Critical Ie Bug(0)
  6. Microsoft Confirms Wmf Vulnerability(7)
  7. Password Reset Vulnerability(3)
  8. Microsoft Xmlhttp Activex Control Code Execution Vulnerability(0)
  9. MS Windows CSRSS Vulnerability(4)
  10. Winzip ActiveX Control Remote Code Execution Vulnerability(2)
  11. Disable Task Manager 1 Line Code![vb6](32)


 

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

- Lo-Fi Version Time is now: 8th September 2008 - 06:30 AM
Powered By IP.Board 2.2.1 © 2008  IPS, Inc.
Licensed to: Xisto Corporation