1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

phpBB exploits...Anyone have a new rpm?

Discussion in 'Plesk for Linux - 8.x and Older' started by tekmage, Apr 8, 2005.

  1. tekmage

    tekmage Guest

    0
     
    EV1 notifed me this morning of a compromised site that was using phpBB. I've managed to change the effected file, but I'd like to do a full upgrade. Does Plesk have a new updated rpm for phpBB to close this exploit down?

    it is in forum/viewtopic.php


    and is not a root level exploit

    in the above file to fix it (though i would recomend upgrading)
    replace
    $words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));
    with:
    $words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));
     
Loading...