Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Re: New phpBB ViewTopic.php Cross Site Scripting Vulnerability
Mar 01 2004 11:35PM
t4c [Founder of GHCIF] (t4c ghcif de)
An inofficial fix to this Issue has been released by ghcif.de
PHPBB 2.0.6c XSS Flaw in viewtopic.php
Open and Backup viewtopic.php
Find:
if ( !empty($HTTP_POST_VARS['postorder']) ||
!empty($HTTP_GET_VARS['postorder']${
$post_order = (!empty($HTTP_POST_VARS['postorder'])) ?
$HTTP_POST_V...
[ more ]
Privacy Statement
Copyright 2009, SecurityFocus
PHPBB 2.0.6c XSS Flaw in viewtopic.php
Open and Backup viewtopic.php
Find:
if ( !empty($HTTP_POST_VARS['postorder']) ||
!empty($HTTP_GET_VARS['postorder']${
$post_order = (!empty($HTTP_POST_VARS['postorder'])) ?
$HTTP_POST_V...
[ more ]