-
June 21st, 2003, 12:35 PM
#1
Heads Up**PHPBB
For the people on this board that run their own version of PHPBB.
We've been informed that a possible SQL injection vulnerability has been released to various lists and sites. The issue is unlikely to affect many users given the requirements that surround it.
Source and Fix .
Cheers
NOodLE
-
June 21st, 2003, 03:18 PM
#2
And thanks to that I just noticed version 2.0.5 is released
-
June 21st, 2003, 03:33 PM
#3
With all the PHPbb boards out there, this is a good heads up. Thanks.
-
June 21st, 2003, 04:43 PM
#4
Nice little know... you can disallow acces to admin db language and includes if your host allows .htaccess and the like... You don't have to, but it you're alot more certain people won't get to you admin panel, wich is mostly the biggest problem (next to sql injections wich are pretty much the same as admin access). People stealing or guessing you cookie or passwoord won't be able to enter still as long as the .htaccess pasword is different from your normal pass !!!
-
June 21st, 2003, 05:13 PM
#5
only works if you have register globals on and you would be stupid to have that on anyway
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|