Advisory: UseBB Multiple Vulnerabilities
Application: UseBB 0.5.1
Severity: Multiple SQL injection and XSS vulnerabilities may
result in disclosure of administrators credentials.
Risk : High
Vendor Status: Vendor has released an updated version
[...]
Entries Categorized as 'Message Boards'
UseBB Multiple Vulnerabilities
July 30, 2005
Invision PowerBoard 1.3.x – 2-x Exploit and Patch
July 19, 2005
Desc: Invision PowerBoard 1.3.x – 2.x Privilege escalation through SQL injection
Risk: High
Invision PowerBoard exploit
phpBB 2.0.16 released
June 30, 2005
Hi everyone,
phpBB Group announces the release of phpBB 2.0.16. This release addresses
some bugfixes and one critical security issue. To fix this, please apply
the following change: In viewtopic.php
Find:
$message = str_replace(‘”‘, ‘”‘,
substr(@preg_replace(‘#(>(((?>([^>< ]+|(?R)))*)’ . $message . ‘< '), 1, -1));
Replace with:
$message = str_replace('"', '"',
substr(@preg_replace('#(>(((?>([^>< ]+|(?R)))*)’ . $message .
‘< ‘), 1, -1));
We urge you to update [...]
Posted in
Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers, Recent readers,