icekev Posted March 22, 2011 Share Posted March 22, 2011 Hello, today i asked one of my friend to see how a simple PHPBB forum was securised. In a matter of 20 mins, he sucesfully hacked my PHPBB forum and he could do anything. Now nor me or him knows anything about fixing security. We found those 2 injection point to enter: phpbb3_mywebsite.com_u Cookie, parameter: phpbb3_mywebsite.com_sid Thanks for further help on how to fix those security problems. Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/ Share on other sites More sharing options...
Maq Posted March 22, 2011 Share Posted March 22, 2011 These should be reported here: http://www.phpbb.com/community/ Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191030 Share on other sites More sharing options...
icekev Posted March 23, 2011 Author Share Posted March 23, 2011 Thanks i posted to this Phpbb forum also. However ill keep this thread up to see if somone from here might know how to fix Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191143 Share on other sites More sharing options...
Maq Posted March 23, 2011 Share Posted March 23, 2011 Thanks i posted to this Phpbb forum also. However ill keep this thread up to see if somone from here might know how to fix That's fine. I'm sure PHPBB has a 'proper' way of fixing these security issues. Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191313 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.