Exploits and Security

Technology & Security Tips & Guides

UseBB Multiple Vulnerabilities

Advisory: UseBB Multiple Vulnerabilities
Application: UseBB 0.5.1
Severity: Multiple SQL injection and XSS vulnerabilities may
result in disclosure of administrators' credentials.
Risk: High
Vendor Status: Vendor has released an updated version
[...]

Desc: Invision PowerBoard 1.3.x - 2.x Privilege escalation through SQL injection
Risk: High
Invision PowerBoard exploit

Hi everyone,
phpBB Group announces the release of phpBB 2.0.16. This release addresses
some bugfixes and one critical security issue. To fix this, please apply
the following change: In viewtopic.php
Find:
$message = str_replace('"', '"',
substr(@preg_replace('#(>(((?>([^>< ]+|(?R)))*)' . $message . '< '), 1, -1));
Replace with:
$message = str_replace('"', '"',
substr(@preg_replace('#(>(((?>([^>< ]+|(?R)))*)' . $message .
'< '), 1, -1));
We urge you to update [...]