PunBB Forums » Posts by PHPLizardo
By BBC, I think he means British Broadcasting Company's website.
You are absolutely right, and I think that it's better if only super admins can edit fields where you can put HTML. Anyway, I fixed this problem on my forums; every field is filtered, in the admin panel too.
Sorry for my poor English
Now, why would an ADMIN exploit this vulnerability? After all, this extension's configuration can only be edited by admins.
Also, there's a message saying:
Please, don't use any HTML, BBCode or harmful characters.
on the configuration page, so I'm not really worried about this.
Thanks anyways, I appreciate your concern.
I know that only admins can access your extension, but it can be dangerous anyway. Example:
You have another admin on the forum, and he wants your password. By exploiting this vuln, he could install a JavaScript keylogger on your forum, and he may get your password.
It isn't enough to put a message saying "Please don't..."
Hope you'll understand.
Yes it is.
Yes it doesn't
XSS:
<meta name="keywords" content=""><script>alert(0)</script>" />
<meta name="robots" content=""><script>alert(0)</script>" />
Patch:
File : ./extensions/meta_tags_admin/manifest.xml
Line 63 | $forum_head['descriptions'] = '<meta name="description" content="'.$forum_config['o_meta_tags_admin_desc'].'" />';
Replace with | $forum_head['descriptions'] = '<meta name="description" content="'.forum_htmlencode($forum_config['o_meta_tags_admin_desc']).'" />';
Line 88 | $forum_head['descriptions'] = '<meta name="description" content="'.$first_post.'" />';
Replace with | $forum_head['descriptions'] = '<meta name="description" content="'.forum_htmlencode($first_post).'" />';
Line 95 | $forum_head['keywords'] = '<meta name="keywords" content="'.$forum_config['o_meta_tags_admin_keyw'].'" />';
Replace with | $forum_head['keywords'] = '<meta name="keywords" content="'.forum_htmlencode($forum_config['o_meta_tags_admin_keyw']).'" />';
Line 98 | $forum_head['robots'] = '<meta name="robots" content="'.$forum_config['o_meta_tags_admin_robo'].'" />';
Replace with | $forum_head['robots'] = '<meta name="robots" content="'.forum_htmlencode($forum_config['o_meta_tags_admin_robo']).'" />';
It isn't an error. They added PHP code that adds a class name into the <li>
Ex:
<li class="isactive"><a href="profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li>
Whooops
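The meta tag construction from the patch post above, reproduced in Python as an added example (not PunBB's or the extension's own code), with the raw concatenation beside the encoded form and a parser-based check for attribute breakout. `html.escape(quote=True)` stands in for `forum_htmlencode()`, which is assumed here to behave like PHP's `htmlspecialchars` with `ENT_QUOTES`; the payload string is the one quoted in the post.

```python
from html import escape
from html.parser import HTMLParser

# Constructed admin-supplied value: the keywords payload quoted in the post above.
PAYLOAD = '"><script>alert(0)</script>'


def meta_vulnerable(name: str, value: str) -> str:
    """Mirror of the original line 95: raw config value dropped into the attribute."""
    return '<meta name="' + name + '" content="' + value + '" />'


def meta_patched(name: str, value: str) -> str:
    """Mirror of the patched line: the value is attribute-encoded first
    (html.escape stands in for forum_htmlencode, an assumption)."""
    return '<meta name="' + name + '" content="' + escape(value, quote=True) + '" />'


class _TagCollector(HTMLParser):
    """Record every start tag a browser-style parser sees in the generated markup."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag, attrs) -> None:
        self.tags.append(tag)


def tags_in(markup: str) -> list[str]:
    """Return the start tags found in markup; a safe <meta> yields exactly ['meta']."""
    parser = _TagCollector()
    parser.feed(markup)
    parser.close()
    return parser.tags


def attribute_breakout(markup: str) -> bool:
    """True when the value escaped the content="" attribute and created extra tags."""
    return tags_in(markup) != ["meta"]


if __name__ == "__main__":
    for build in (meta_vulnerable, meta_patched):
        html = build("keywords", PAYLOAD)
        print(build.__name__, "->", tags_in(html), "breakout:", attribute_breakout(html))
```

The same check applies to the description and robots lines of the patch, since all four insert a config value into a double-quoted attribute.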
Email sent
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 5 official extensions. Copyright © 2003–2009 PunBB.