Rick wrote:
phpBB has sql injection problem in /viewtopic.php . I am attaching .pl
script with details and some code. This
only works with register_globals = On. The query I used only works on db
mysql4 or pgsql. I’ve tested this on phpBB up to latest 2.0.5 version.
The phpBB Group has confirmed this and a fix is available:
http://www.phpbb.com/phpBB/viewtopic.php?t=112052
--
Evert Jan van Ramselaar <[EMAIL PROTECTED]>
Van Ramselaar Info Tech <http://www.vanramselaar.nl>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html