


PunBB 1.3 Bugs

Please look through the list for the bug you have found. If it is not listed yet, add it.

PunBB 1.3 bugs

  • Moderation bugs:
    • Incorrect hidden field value on actions with multiple topics (fixed in [898], hotfix in progress).
    • XSS vulnerability, reported by PHPLizardo (fixed in [909], hotfix hotfix_13_moderate_xss released).
    • Replies and Views are exchanged in moderate.php, reported by coordinator (fixed in [932]).
    • There is no link to the reports page in the admin menu for moderators, reported by 8k84 (fixed in [940]).
  • Markup and language file issues (no hotfixes will be released if the bug produces no errors):
    • Incorrect markup of the “download latest version” link (fixed).
    • Missing language file entries for install.php, reported by coolhd (fixed in [891]).
    • Markup issues in the guest post form in post.php, reported by Adelf (fixed in [900]).
    • Markup issues in install.php (fixed in [901]).
    • Incorrect heading set in profile, reported by fantasma (fixed in [902]).
    • Underline is working as italics (post by Garciat, fixed in [922]).
    • Incorrect message “you must copy/upload the file .htaccess from the extras directory” in forum settings (topic by esupergood, fixed in [923]).
    • Make “new hotfixes” message more informative, see Forums topic by colak for details (fixed in [923]).
    • Breadcrumbs: Lack of link on topic subject ⇒ no topic permalink at all! (fixed in [924])
    • The word 'sticky' is displayed incorrectly in search results, reported by teva and Garciat (fixed in [910] and [928]).

PunBB 1.3.1 bugs

PunBB 1.3.2 bugs

PunBB 1.3.3 bugs

  • FIXME CSS bug in Firefox 1.5, see Forums topic by Garciat for details.
  • FIXME Just after installing, the 'online' table takes a lot of disk space on some systems (for example, 1.6 Mb on PHP: 4.4.9, Accelerator: eAccelerator, DB: MySQL Standard 4.1.22; see also a topic on forums).
  • FIXME CSRF token checking does not seem to apply the corresponding timeout correctly.
  • FIXME Updating script (admin/db_update.php) issues?

Security issue details

We provide the details of fixed security bugs here.

FIXME Describe all the 1.3.* vulnerabilities here!

Possible XSS in moderate

A topic title was not converted to HTML (escaped) in forum moderation. A user could steal a moderator's or administrator's session by injecting JavaScript into the topic title.

Possible XSS in login

The password field value (taken directly from the POST request) was not properly escaped, so it could be used to execute JavaScript. A CSRF confirmation message would be displayed.
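Both XSS issues above have the same root cause: a user-controlled string (a topic title, a re-filled form field) is placed into HTML without escaping. The following example is added here and is not PunBB's own code; the function names are hypothetical. It shows the unescaped pattern next to the escaped one, using PHP's htmlspecialchars() with ENT_QUOTES so that double quotes cannot close an attribute early:

```php
<?php
// Added example, not PunBB's own code: HTML-escape user-controlled strings
// before they are echoed into a page. All function names are hypothetical.

// Escape a string for use as HTML text or as a double-quoted attribute value.
// ENT_QUOTES matters: without it a double quote would survive and could
// terminate an attribute early.
function escape_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern, shown for contrast: the raw subject is placed into
// markup, so any tags inside it become part of the page.
function render_topic_cell_unsafe(string $subject): string
{
    return '<td>' . $subject . '</td>';
}

// Hardened version: the subject is escaped and renders as literal text.
function render_topic_cell_safe(string $subject): string
{
    return '<td>' . escape_html($subject) . '</td>';
}

// The same rule applies to form fields re-filled from POST data, such as a
// password field redisplayed together with a confirmation message.
function render_password_field_safe(string $value): string
{
    return '<input type="password" name="req_password" value="'
        . escape_html($value) . '" />';
}

// Constructed sample inputs (not taken from any real request).
$subject  = 'Hello <script>alert(1)</script>';
$password = '" onfocus="alert(1)';

echo render_topic_cell_unsafe($subject), "\n";   // tags survive untouched
echo render_topic_cell_safe($subject), "\n";     // tags become &lt;...&gt;
echo render_password_field_safe($password), "\n"; // quote becomes &quot;
```

Escaping at output time, with the encoding matching the page's charset, is the check to look for when reviewing any template that echoes request data; escaping on input (at storage time) is easy to bypass when the same value is later used in a different context.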

Potential SQL-injections at admin/users.php page

The values of $_POST['order_by'] and $_POST['direction'] were escaped, but not logically validated before being used in an SQL query on the Administration → Users page. One could execute an arbitrary SQL query by making an administrator send a POST request (e.g. by giving him a link to a specially crafted page). A CSRF confirmation message would be displayed.

Potential SQL-injections in admin/settings.php via configuration values

The values of configuration options were not validated before being used in an SQL query on the Administration → Settings page. One could execute an arbitrary SQL query by making an administrator send a POST request (e.g. by giving him a link to a specially crafted page). A CSRF confirmation message would be displayed.
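Both SQL injection issues above share a lesson: string escaping protects quoted values, but a sort column, a sort direction or a setting that is interpolated as an identifier or keyword must be checked against an allowlist, and values should travel as bound parameters. The following example is added here and is not PunBB's own code; the column names, setting names, ranges and function names are constructed for illustration:

```php
<?php
// Added example, not PunBB's own code: check sort parameters and configuration
// values against an allowlist before they reach SQL. Escaping alone is not
// enough, because a column name or sort direction is an SQL identifier or
// keyword, not a quoted string. Column names, setting names and ranges below
// are constructed for the example.

const ALLOWED_ORDER_BY  = ['username', 'registered', 'num_posts'];
const ALLOWED_DIRECTION = ['ASC', 'DESC'];

// Return a validated ORDER BY clause, or throw if either value is not allowed.
function order_by_clause(string $order_by, string $direction): string
{
    if (!in_array($order_by, ALLOWED_ORDER_BY, true)) {
        throw new InvalidArgumentException('Unknown sort column: ' . $order_by);
    }
    $direction = strtoupper($direction);
    if (!in_array($direction, ALLOWED_DIRECTION, true)) {
        throw new InvalidArgumentException('Unknown sort direction: ' . $direction);
    }
    return 'ORDER BY ' . $order_by . ' ' . $direction;
}

// Per-setting rules (hypothetical): type and range, checked before storing.
const SETTING_RULES = [
    'o_timeout_online' => ['type' => 'int',    'min' => 60, 'max' => 86400],
    'o_board_title'    => ['type' => 'string', 'max_len' => 255],
    'o_show_dot'       => ['type' => 'enum',   'values' => ['0', '1']],
];

// Return the normalised value, or throw if the setting or value is not allowed.
function validate_setting(string $name, string $value): string
{
    if (!isset(SETTING_RULES[$name])) {
        throw new InvalidArgumentException('Unknown setting: ' . $name);
    }
    $rule = SETTING_RULES[$name];
    switch ($rule['type']) {
        case 'int':
            if (!ctype_digit($value)) {
                throw new InvalidArgumentException($name . ' must be an integer');
            }
            $n = (int) $value;
            if ($n < $rule['min'] || $n > $rule['max']) {
                throw new InvalidArgumentException($name . ' is out of range');
            }
            return (string) $n;
        case 'enum':
            if (!in_array($value, $rule['values'], true)) {
                throw new InvalidArgumentException($name . ' has an unexpected value');
            }
            return $value;
        default: // string
            if (strlen($value) > $rule['max_len']) {
                throw new InvalidArgumentException($name . ' is too long');
            }
            return $value;
    }
}

// Build a parameterised UPDATE: the validated value is bound as a parameter
// and never becomes part of the SQL text.
function prepare_setting_update(PDO $db, string $name, string $value): PDOStatement
{
    $clean = validate_setting($name, $value);
    $stmt  = $db->prepare('UPDATE config SET conf_value = :value WHERE conf_name = :name');
    $stmt->bindValue(':value', $clean, PDO::PARAM_STR);
    $stmt->bindValue(':name',  $name,  PDO::PARAM_STR);
    return $stmt;
}

// Constructed inputs, as they might arrive in $_POST.
echo order_by_clause('username', 'desc'), "\n";
try {
    order_by_clause('username; SELECT 1', 'ASC');
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), "\n";
}
echo validate_setting('o_timeout_online', '300'), "\n";
try {
    validate_setting('o_timeout_online', '300 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), "\n";
}
```

Rejecting unknown input with an exception, rather than silently falling back to a default, also makes these attempts visible in the error log, which is the signal a forum administrator would want when someone is probing the admin pages.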

See also

Links

