A few questions:
a) If this is the same thing anyway, should I just switch to fluxbb?
b) If not, how to I upgrade from punbb 1.2 to 1.3?
c) Does the theme that is being used here come with 1.3?
You are not logged in. Please login or register.
PunBB Forums → Posts by e-
Pages 1
A few questions:
a) If this is the same thing anyway, should I just switch to fluxbb?
b) If not, how to I upgrade from punbb 1.2 to 1.3?
c) Does the theme that is being used here come with 1.3?
Let's say an attacker managed to put <pun_include "backdoor.php"> into his post somehow. This tag would be copied verbatim into the page when the main site content was parsed. So, if PunBB would look for pun_include tags after parsing the main site, it would find the <pun_include "backdoor.php"> from his post and execute it.
So if someone finds a way to insert his own HTML into your site, he will be able to execute arbitrary files from your include directory.
Does this fix the "PunBB <= 1.2.14 Remote Code Execution Exploit" in search.php?action=show_new that was released recently?
Any news on this topic? I could use something like this, too.
Pages 1
PunBB Forums → Posts by e-
Powered by PunBB, supported by Informer Technologies, Inc.