It seems fairly obvious but the classic phpbb_root_path vulnerability is present in products such as: Omegaboard, Cerulean Portal System, phpBB Tweaked, Hailboards, EclipseBB and Xero Portal. All are affected by the vulnerability exposed by having register_globals set to "on." It appears that it is being regularly exploited as well to deface systems.
www.heise-security.co.uk/news/84732 Thanks for the lead Juergen! |
Kevin Liston 292 Posts ISC Handler Feb 2nd 2007 |
Thread locked Subscribe |
Feb 2nd 2007 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!