You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 524 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
phpBB Exploit - Turn OFF Allow HTML
SecurityAn unidentifed source came to me with this one - and it appears to be valid. There is a serious threat for users of phpBB that have "Allow HTML" set to yes. If you have "Allow HTML" set to yes in Admin, Forums, Configuration, TURN IT OFF.

More will be posted soon I am sure, but for now, TURN IT OFF.

-sting
Posted on Wednesday, February 08 @ 17:04:27 CET by sting
 
Related Links
· Computer Cops
· More about Security
· News by sting


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Associated Topics

Nuke CopsSecurity

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: phpBB Exploit - Turn OFF Allow HTML (Score: 1)
by perfect-games on Friday, February 10 @ 23:05:15 CET
(User Info | Send a Message) http://www.dazzlesoftware.ca
i knew of this since november.

there also a security issue in the news and surveys.

think its time for patch 3.2 :)



Re: phpBB Exploit - Turn OFF Allow HTML (Score: 1)
by dotcomUNDERGROUND on Saturday, February 11 @ 01:26:43 CET
(User Info | Send a Message) http://www.dotcomunderground.com/
tnx

most ppl keep it off though

but still tnx for reminding :)



Re: phpBB Exploit - Turn OFF Allow HTML (Score: 1)
by Prophet on Saturday, February 11 @ 15:12:06 CET
(User Info | Send a Message) http://jasonlau.biz
Just thought I would mention that there is also a vulnerability in Your_Account > Your Home. This feature should be disabled because data is not properly validated for it.


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.072 Seconds - 204 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::