February 22, 2005

phpbb: new exploit

by brian_turner

A new exploit has been found on the phpbb 2.x software, which has been rated as “moderately critical”.

As reported in the Secunia security advisory phpBB Avatar Functions Information Disclosure and Deletion:

The vulnerabilities are caused due to some unspecified errors in the avatar handling functions and may be exploited to disclose and delete arbitrary files.

Some issues disclosing the full path to certain scripts have also been reported.

This means that phpbb 2.0.12 has now been released, with more information available here: phpBB 2.0.12 released

Story link: phpbb: new exploit

Add to Bookmarks:

 

 

 

• Recent Posts

  • e-commerce essential for business success
  • Solicitor warns businesses to check their lease
  • ‘Thin clients’ can benefit small businesses
  • MindMeister app available on Google Apps Marketplace
  • SMEs optimistic for the economy

• Most read today

  • Forum admins warned on new wave of spam
  • ‘Thin clients' can benefit small businesses
  • e-commerce essential for business success
  • Solicitor warns businesses to check their lease
  • Basic install and optimisation of a vbulletin forum