1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

phpBB exploits...Anyone have a new rpm?

Discussion in 'Plesk for Linux - 8.x and Older' started by tekmage, Apr 8, 2005.

  1. tekmage

    tekmage Guest

    0
     
    EV1 notifed me this morning of a compromised site that was using phpBB. I've managed to change the effected file, but I'd like to do a full upgrade. Does Plesk have a new updated rpm for phpBB to close this exploit down?

    it is in forum/viewtopic.php


    and is not a root level exploit

    in the above file to fix it (though i would recomend upgrading)
    replace
    $words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));
    with:
    $words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));
     
Loading...