This is an old revision of the document!
PunBB 1.3 Bugs
Please look through the list for the bug you have found. If it is not listed, add it.
PunBB 1.3 bugs
- Moderation bugs:
- Markup and language file issues (no hotfixes will be released if the bug causes no errors):
- Incorrect markup of the “download latest version” link (fixed).
- Markup issues in the guest post form in post.php, reported by Adelf (fixed in [900]).
- Markup issues in install.php (fixed in [901]).
- Underline is working as italics (post by Garciat, fixed in [922]).
- Incorrect message “you must copy/upload the file .htaccess from the extras directory” in forum settings (topic by esupergood, fixed in [923]).
- Make the “new hotfixes” message more informative, see Forums topic by colak for details (fixed in [923]).
- Breadcrumbs: Lack of link on topic subject ⇒ no topic permalink at all! (fixed in [924])
- The 'sticky' word appears incorrectly in search results, reported by teva and Garciat (fixed in [910] and [928]).
PunBB 1.3.1 bugs
- Parser bugs
- Security issues (reported by Stefan Esser, hotfixes have been released):
- The Profile link in the main navigation menu lacks the ' class=“isactive”' attribute (fixed in [964]).
PunBB 1.3.2 bugs
- CSS bug in Firefox 1.5, see Forums topic by Garciat for details.
- Just after installation, the 'online' table takes a lot of disk space on some systems (for example, 1.6 Mb with PHP 4.4.9, the eAccelerator accelerator and MySQL Standard 4.1.22).
- The CSRF token check does not seem to apply the corresponding timeout correctly.
- Incorrect layout in viewforum.php when “Topic views” is disabled, reported by burina.
- Updating script (admin/db_update.php) issues?
Security issue details
We provide the details of fixed security bugs here.
Describe all the 1.3.* vulnerabilities here!
Possible XSS in moderate
A topic title was not HTML-encoded in forum moderation. A user could steal a moderator's or administrator's session by injecting JavaScript into the topic title.
- Forum versions vulnerable: PunBB 1.3
- Vulnerability type: XSS
- Fixed in [909].
- Hotfix hotfix_13_moderate_xss released.
Possible XSS in login
The password field value (set directly from the POST request) was not properly escaped, so it could be used to execute JavaScript. The CSRF confirmation message would be displayed.
- Reported by Stefan Esser.
- Forum versions vulnerable: PunBB 1.3, PunBB 1.3.1.
- Vulnerability type: XSS
- Fixed in [962].
- Hotfix hotfix_131_xss_attack_in_login released.
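The two XSS entries above share one root cause: a user-controlled value (a topic title, a re-displayed form field) written into HTML without encoding. The following PHP is an added example, not PunBB's own code; the function names, the sample title and the sample field value are constructed for illustration.

```php
<?php
// Added example (not PunBB code): output encoding as the fix for both XSS cases.

// Vulnerable shape, the same as the moderate.php bug: raw interpolation of the subject.
function render_title_unsafe(string $subject): string
{
    return '<td>' . $subject . '</td>';
}

// Hardened shape: encode on output. ENT_QUOTES also encodes ' and ", which matters
// when the value lands inside an attribute (the login-form case).
function html_encode(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

function render_title_safe(string $subject): string
{
    return '<td>' . html_encode($subject) . '</td>';
}

// Attribute context: the login form re-displayed the posted password field.
// Encoding is needed even though the value is "only echoed back".
function render_password_field(string $posted): string
{
    return '<input type="password" name="req_password" value="' . html_encode($posted) . '" />';
}

// Constructed sample inputs (not from the page).
$title  = 'Weekly meeting <b>tonight</b>';
$posted = 'abc"def';

echo render_title_unsafe($title), "\n";    // markup stays live: <td>Weekly meeting <b>tonight</b></td>
echo render_title_safe($title), "\n";      // <td>Weekly meeting &lt;b&gt;tonight&lt;/b&gt;</td>
echo render_password_field($posted), "\n"; // value="abc&quot;def": the quote cannot close the attribute
```

Encoding has to match the context the value is written into (element body vs. attribute), which is why ENT_QUOTES is used rather than the default. For a password field specifically, the simplest fix is to not re-display the posted value at all; encoding is the general rule for everything else that is echoed back.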
Potential SQL injection in the admin/users.php page
The values of $_POST['order_by'] and $_POST['direction'] were escaped, but not validated, before being used in an SQL query on the Administration ⇒ Users page. One could execute any SQL query by making an administrator send a POST request (e.g. by giving him a link to a specially formed page). The CSRF confirmation message would be displayed.
- Forum versions vulnerable: PunBB 1.3, PunBB 1.3.1.
- Reported by Stefan Esser.
- Vulnerability type: SQL injection
- Fixed in [963].
- Hotfix hotfix_131_sql_injection_in_admin_users released.
Potential SQL injection in admin/settings.php via configuration values
The values of configuration options were not validated before being used in an SQL query on the Administration ⇒ Settings page. One could execute any SQL query by making an administrator send a POST request (e.g. by giving him a link to a specially formed page). The CSRF confirmation message would be displayed.
- Forum versions vulnerable: PunBB 1.3, PunBB 1.3.1.
- Reported by Stefan Esser.
- Vulnerability type: SQL injection
- Fixed in [965].
- Hotfix hotfix_131_sql_injection_in_admin_settings released.
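Both SQL injection entries above turn on the same point: escaping protects a quoted string literal, but an ORDER BY column, a sort direction or a numeric setting is placed in the query unquoted, so escaping does nothing for it and the value has to be checked against what it may legitimately hold. The PHP below is an added example, not PunBB's code; the column names, option name, query and sample request are constructed for illustration.

```php
<?php
// Added example (not PunBB code): allow-list validation for unquoted SQL parts.

// Assumed column names and directions for the users list; not taken from the page.
const ALLOWED_ORDER_BY  = ['username', 'registered', 'num_posts', 'last_post'];
const ALLOWED_DIRECTION = ['ASC', 'DESC'];

// Return the canonical allowed value, or the default when the input is not allowed.
function pick_allowed(?string $value, array $allowed, string $default): string
{
    if ($value === null) {
        return $default;
    }
    $key = array_search($value, $allowed, true);   // strict comparison, no type juggling
    return $key === false ? $default : $allowed[$key];
}

// Vulnerable shape: the value is escaped but then interpolated unquoted, so any
// input without quote characters passes straight through into the query.
function build_users_query_unsafe(array $post, callable $escape): string
{
    $order_by  = $escape($post['order_by'] ?? 'username');
    $direction = $escape($post['direction'] ?? 'ASC');
    return "SELECT id, username FROM users ORDER BY $order_by $direction";
}

// Hardened shape: only allow-listed identifiers ever reach the SQL string.
function build_users_query_safe(array $post): string
{
    $order_by  = pick_allowed($post['order_by'] ?? null, ALLOWED_ORDER_BY, 'username');
    $direction = pick_allowed($post['direction'] ?? null, ALLOWED_DIRECTION, 'ASC');
    return "SELECT id, username FROM users ORDER BY $order_by $direction";
}

// The settings case follows the same rule: a configuration value that feeds a
// query (for example a page size used in LIMIT) is checked for type and range,
// not merely escaped.
function validate_int_option(string $name, $value, int $min, int $max): int
{
    if (!preg_match('/^\d+$/', (string) $value)) {
        throw new InvalidArgumentException("$name must be a non-negative integer");
    }
    $n = (int) $value;
    if ($n < $min || $n > $max) {
        throw new InvalidArgumentException("$name must be between $min and $max");
    }
    return $n;
}

// Constructed sample request (not from the page): extra SQL in order_by that an
// escaping function leaves untouched because it contains no quote characters.
$escape = fn(string $s): string => addslashes($s);
$post   = ['order_by' => 'username, id', 'direction' => 'ASC'];

echo build_users_query_unsafe($post, $escape), "\n"; // ORDER BY username, id ASC: extra SQL survived escaping
echo build_users_query_safe($post), "\n";            // ORDER BY username ASC: unknown value replaced by default
echo validate_int_option('example_option', '30', 1, 50), "\n"; // 30 (option name is a placeholder)
```

Returning the canonical entry from the allow-list, rather than the raw input that matched it, means the string that reaches the query is always one the code itself wrote. Falling back to a default is fine for a sort order; for a setting, rejecting the request with an error is usually the better choice so that a bad value is noticed rather than silently replaced.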
See also
Links
- PunBB 1.3 bug reports forum in PunBB Forums.