On Mon, 2006-09-18 at 20:00 +0200, Stefan Fritsch wrote:

> phpBB 2.0.21 does not properly handle pathnames ending in %00, which
> allows remote authenticated administrative users to upload arbitrary
> files, as demonstrated by a query to admin/admin_board.php with an
> avatar_path parameter ending in .php%00.
Thank you for your report. Since it requires an authenticated admin and the possible action is just a minor elevation of existing abilities, I don't think it's critical enough to warrant an update in stable. We will address it in the next regular upload of the package.

Thijs
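The quoted report describes the classic NUL-truncation mismatch: the application checks the full decoded string, while the C-level filesystem call stops reading at the first NUL byte. The following is an added illustration (not code from phpBB or from anyone in this thread); the extension allowlist and the `avatar.php%00` sample input are constructed for the demonstration.

```python
from urllib.parse import unquote

# Constructed allowlist for the demonstration; not phpBB's own configuration.
ALLOWED_EXT = {".gif", ".jpg", ".jpeg", ".png"}


def effective_path(raw: str) -> str:
    """What a C-string based filesystem call ends up using: the URL-decoded
    value is cut off at the first NUL byte, so '.php%00' becomes '.php'."""
    decoded = unquote(raw)
    return decoded.split("\x00", 1)[0]


def naive_is_safe(raw: str) -> bool:
    """Flawed check: decode the parameter and refuse values ending in '.php'.
    A trailing NUL defeats the suffix test, yet the filesystem still sees '.php'."""
    decoded = unquote(raw)
    return not decoded.lower().endswith(".php")


def hardened_is_safe(raw: str) -> bool:
    """Reject any embedded NUL outright (there is no legitimate reason for one in a
    path setting), then require an allow-listed extension on the decoded value."""
    decoded = unquote(raw)
    if "\x00" in decoded:
        return False
    dot = decoded.rfind(".")
    if dot <= 0:
        return False
    return decoded[dot:].lower() in ALLOWED_EXT


if __name__ == "__main__":
    payload = "avatar.php%00"  # constructed sample of the pattern named in the report
    print("filesystem sees:", effective_path(payload))
    print("naive check passes:", naive_is_safe(payload))
    print("hardened check passes:", hardened_is_safe(payload))
```

The same rule (decode once, refuse NUL bytes before anything else looks at the value) applies to any parameter that later reaches a filesystem call, not only avatar paths.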