Security Issues with PHPBB

February 13, 2009, 12:58 pm

PHPBB has announced an injection vulnerability on their website. Those running PHPBB software are advised to update a patch on their installations:

Despite being among the easiest of vulnerabilities to understand, injection vulnerabilities are also among the most common. For most users, they will simply manifest themselves as an error when select characters are used, but a sufficiently adept user may be able to take that error and exploit it to their advantage.

Check more about it here.

Posted by admin under: Scripting

  • Security Basics: PHP
    • For those who are using scripts like Moveable Type and Wordpress, they have little to worry about security since they only need to wait for
  • WordPress 2.0.3 Released
    • The latest in the stable 2.0 series, 2.0.3, is now available for download at WordPress.org. This is a bug fix and security release, and is
  • APF Firewall Issues with Gravatar
    • The Gravatar server is having some issues with the system Firewall (APF). There will be instances where a specific IP address or a website is
  • Security Basics: Social Engineering
    • It has been said the the users are the weakest link in the security chain. This is especially exemplified in Social Engineering. This is a
  • Apache 1.3.36 Security Update
    • A new version of Apache (1.3.36) was just released for Cpanel servers. We don't recommend upgrading rightaway, because you quite often wind up with more
  • WordPress 2.7.1 is Out
    • Those who are running WordPress can now update their blogs to the latest version 2.7.1. This version fixes bugs and security holes in the software
  • CGI Scripts disabled
    • We have disabled the Mchat, Cgiecho, Cgiemail, Guestbook, Counter and Formmails from CPanel's system wide cgi-sys directory. The are the most commonly exploited scripts since
  • WordPress 1.5.1.3 Security Update
    • WordPress version 1.5.1.3 is remotely exploitable if the web server on which it runs has register_globals = on in the PHP configuration. perl and PHP
  • Enable register_globals on individual cPanel accounts
    • Since register_globals is disabled on the servers for security purposes, some of your scripts and Fantastico installs might not work properly. However, you can enable
  • Upgrade your blogs to WordPress 2.1.13 & 2.0.10
    • The new release of WordPress are versions 2.1.13 and 2.0.10. There are security updates so download your copy now and upgrade your blogs.
    plogHost Web Services

    Calendar

    August 2010
    M T W T F S S
    « Apr    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Most Recent Posts