icekev Posted March 22, 2011 Share Posted March 22, 2011 Hello, today i asked one of my friend to see how a simple PHPBB forum was securised. In a matter of 20 mins, he sucesfully hacked my PHPBB forum and he could do anything. Now nor me or him knows anything about fixing security. We found those 2 injection point to enter: phpbb3_mywebsite.com_u Cookie, parameter: phpbb3_mywebsite.com_sid Thanks for further help on how to fix those security problems. Quote Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/ Share on other sites More sharing options...
Maq Posted March 22, 2011 Share Posted March 22, 2011 These should be reported here: http://www.phpbb.com/community/ Quote Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191030 Share on other sites More sharing options...
icekev Posted March 23, 2011 Author Share Posted March 23, 2011 Thanks i posted to this Phpbb forum also. However ill keep this thread up to see if somone from here might know how to fix Quote Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191143 Share on other sites More sharing options...
Maq Posted March 23, 2011 Share Posted March 23, 2011 Thanks i posted to this Phpbb forum also. However ill keep this thread up to see if somone from here might know how to fix That's fine. I'm sure PHPBB has a 'proper' way of fixing these security issues. Quote Link to comment https://forums.phpfreaks.com/topic/231429-flaws-on-the-phpbb-forums/#findComment-1191313 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.