From: Andrew Farmer <andfarm_(at)_gmail.com>
Date: 29.06.2005
Subject: Re: [Full-disclosure] Security Advisory - phpBB 2.0.15 PHP-code injection bug

On 28 Jun '05, at 14:47, ronvdaal wrote:
> Proof of concept:

http://some.forum/viewtopic.php?p=postnum&highlight='.die(omghax).'

Uh, whoops.


Another suggested solution:

Remove the highlight handling code in viewtopic.php or replace it  
with something that does not use the /e flag to preg_replace. As it  
stands, the current code is an abomination that should not have ever  
seen the light of day.
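
An added example (not part of the original message, and not phpBB's code) of highlighting user-supplied terms without the /e modifier: the terms are quoted with preg_quote() and used only as a pattern, so nothing from the request is ever evaluated as PHP. The function name and the output markup are hypothetical; PHP 7.4 or later is assumed.

```php
<?php
// Added example: highlight search terms without the /e modifier.
// highlight_terms() and the <b> markup are hypothetical, not phpBB's own code.

function highlight_terms(string $text, string $highlight): string
{
    // Split the user-supplied parameter into words and drop empty entries.
    $words = preg_split('/\s+/', trim($highlight), -1, PREG_SPLIT_NO_EMPTY);
    if (!$words) {
        return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    }

    // preg_quote() turns every word into a literal; '#' is our delimiter,
    // so it is escaped as well. Quotes and dots in the input have no effect.
    $alts = array_map(fn($w) => preg_quote($w, '#'), $words);
    $pattern = '#(' . implode('|', $alts) . ')#iu';

    // With one capture group, preg_split() returns alternating pieces:
    // even index = text between matches, odd index = a matched term.
    $parts = preg_split($pattern, $text, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($parts === false) {
        // Pattern could not be applied (e.g. invalid UTF-8): no highlighting.
        return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    }

    $out = '';
    foreach ($parts as $i => $piece) {
        // Every piece is HTML-escaped; only our own fixed tags are added.
        $safe = htmlspecialchars($piece, ENT_QUOTES, 'UTF-8');
        $out .= ($i % 2 === 1) ? '<b>' . $safe . '</b>' : $safe;
    }
    return $out;
}

// Constructed input: a term containing quotes and regex metacharacters
// is matched literally and escaped on output.
echo highlight_terms("Use '.*' with care", "'.*' care"), "\n";
```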
