Heads Up**PHPBB
Results 1 to 5 of 5

Thread: Heads Up**PHPBB

  1. #1

    Heads Up**PHPBB

    For the people on this board that run their own version of PHPBB.
    We've been informed that a possible SQL injection vulnerability has been released to various lists and sites. The issue is unlikely to affect many users given the requirements that surround it.
    Source and Fix .

    Cheers
    NOodLE

  2. #2
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    And thanks to that I just noticed version 2.0.5 is released
    Double Dutch

  3. #3
    With all the PHPbb boards out there, this is a good heads up. Thanks.

  4. #4
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    Nice little know... you can disallow acces to admin db language and includes if your host allows .htaccess and the like... You don't have to, but it you're alot more certain people won't get to you admin panel, wich is mostly the biggest problem (next to sql injections wich are pretty much the same as admin access). People stealing or guessing you cookie or passwoord won't be able to enter still as long as the .htaccess pasword is different from your normal pass !!!
    Double Dutch

  5. #5
    Banned
    Join Date
    Sep 2001
    Posts
    853
    only works if you have register globals on and you would be stupid to have that on anyway

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •