There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
 
Tag Cloud
black screen blue screen blue screen of death boot computer connection crash css dell display driver drivers error excel firefox firefox 3 game hard drive internet internet explorer itunes laptop lcd linux malware monitor network networking nvidia outlook outlook 2003 outlook express partition password printer problem ram router slow software sound sprtcmd.exe trojan usb video virus vista windows windows xp wireless
Software Development
Search
Search in:
 
Advanced Search
Tech Support Guy Forums > Software & Hardware > Software Development >
phpBB viewtopic.php script allows cross-site scripting: Mar 1


HELLO AND WELCOME! Before you can post your question, you'll have to register -- it's completely free! Click here to join today! We highly recommend that you print a copy of our Guide for New Members. Enjoy!

Closed Thread
 
Thread Tools
eddie5659's Avatar
Computer Specs
Moderator with 18,510 posts.
  
Join Date: Mar 2001
Location: Bradford, England
01-Mar-2004, 02:36 PM #1
Exclamation phpBB viewtopic.php script allows cross-site scripting: Mar 1
Hiya


phpBB is a free open-source Web bulletin board software package. phpBB version 2.0.6c is vulnerable to cross-site scripting, caused by a improper filtering of user-supplied input in the viewtopic.php script. A remote attacker could embed malicious code in the postorder variable in a specially-crafted URL request to the viewtopic.php script, which would be executed in the victim's Web browser within the security context of the hosting site, once the link is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Platforms Affected:

kernel.org Linux Any version
Microsoft Corporation Windows Any version
phpBB Group phpBB 2.0.6c
Various Unix Any version
Remedy:

No remedy available as of March 2004.

Consequences:

Gain Access


http://xforce.iss.net/xforce/xfdb/15348

Regards

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream
Closed Thread

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

« Previous Thread | Software Development | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who help people like you solve computer problems. See our Welcome Guide to get started.



Thread Tools


Related Sites: 56k Dial-Up | Tech Gift Ideas | Mobile TechGuy | Advertise on TSG
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 07:04 AM.
Copyright © 1996 - 2008 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0
Powered by Cermak Technologies, Inc.