Rick wrote:
phpBB has sql injection problem in /viewtopic.php . I am attaching .pl script with details and some code. This

only works with register_globals = On. The query I used only works on db mysql4 or pgsql. I’ve tested this on phpBB up to latest 2.0.5 version.

The phpBB Group has confirmed this and a fix is available: http://www.phpbb.com/phpBB/viewtopic.php?t=112052

--
  Evert Jan van Ramselaar  <[EMAIL PROTECTED]>
  Van Ramselaar Info Tech  <http://www.vanramselaar.nl>


_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to