• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHPBB Global Variable Deregistration Bypass Vulnerabilities

phpBB is prone to multiple vulnerabilities resulting from improper deregistration of global variables.
These issues may allow remote attackers to execute arbitrary PHP code and to carry out SQL-injection, HTML-injection, and cross-site scripting attacks.

phpBB 2.0.17 and prior versions are affected by these issues.