1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
It's time to find out who is who in the community! New attachments and other rules

phpBB exploits...Anyone have a new rpm?

Discussion in 'Plesk for Linux - 8.x and Older' started by tekmage, Apr 8, 2005.

  1. tekmage

    tekmage Guest

    0
     
    EV1 notifed me this morning of a compromised site that was using phpBB. I've managed to change the effected file, but I'd like to do a full upgrade. Does Plesk have a new updated rpm for phpBB to close this exploit down?

    it is in forum/viewtopic.php


    and is not a root level exploit

    in the above file to fix it (though i would recomend upgrading)
    replace
    $words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));
    with:
    $words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));
     
    tekmage, Apr 8, 2005
    #1
Loading...