phpBB2.de :: phpBB2.de :: phpBB, phpBB2 und phpBB3 Support-Forum

FAQ • Suchen • Download • Lesezeichen • Mitgliederliste • Benutzergruppen • Registrieren • Profil • Einloggen, um private Nachrichten zu lesen • Login

phpBB2.de
Portal

Board Navigation

Navigation

Portal

Forum

Support

Make a Donation
News

Kategorien

Archiv
Download

Neuste

Suchen

Top 10
Tools

Knowledge Base

Letzte Themen

phpBB Topliste

Homepagevorlagen

Kalender

Spiele

Links
Ressourcen

phpBB Styles

phpBB2 Mods

Paid phpBB Styles

Webdesign
Über uns

Chat

FAQ

Lesezeichen

Mitarbeiterseite

Mitgliederliste

Benutzergruppen

Partner

Statistik

Sitemap

Impressum

Kontakt

Demo
Styles phpBB2 Styles Demo Plus 1.5 Styles Demo Plus Demo Plus 1.52 Demo phpBB3 Demo phpBB3 Demo

Adsense

Statistik
Wir haben 62941 registrierte Benutzer. Der neueste Benutzer ist dgsq1q???. Unsere Benutzer haben insgesamt 231757 Beiträge geschrieben. in 45235 Themen geschrieben

Suchen
Suchen: Suche auf: Erweiterte Suche

Site of the month

Links

phpBB2.de

Webkatalog, Freeware, Lancom

Vulnerable Part in eXTreme Styles Mod - Please fix it NOW !

Verfasst am 03-27-2008 12:10:03 pm

A Security Hole was found in the eXtreme Styles Mod which is also used in phpBB2 Plus 1.5x. You should apply this fix NOW:

Open file admin/admin_xs.php

FIND:

Code:

if(empty($setmodules))
{
return;
}

REPLACE WITH:

Code:

if (!defined('IN_PHPBB'))
{
die('Hacking attempt');
}

if(empty($setmodules))
{
return;
}

CyberAlien post:
http://www.phpbbstyles.com/viewtopic.php?p=92240#92240

Other files, potential vulnerability:

Open /includes/functions_kb.php file

FIND:

Code:

//
// get_quick_stats();
// gets number of articles
//

BEFORE ADD:

Code:

if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
}

Open /includes/functions.php file

FIND:

Code:

//-- mod : post icon -------------------------------------------------------------------------------

BEFORE ADD:

Code:

if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
}

Thanks to ThE KuKa for Notification !

Diese News wurde 55203 mal gelesen und hat 14 Kommentare.

Antworten

phpBB2 Plus 1.53a CTracker 5.0.4 Upgrade Package available

Verfasst am 09-27-2007 01:20:20 pm

Hello,

I have made a Package to Upgrade phpBB2 Plus 1.53a (Codebase 2.0.22) with the latest Cracker Tracker 5.0.4 from www.cback.de. Just follow the steps in the included readme to upgrade your CTracker to 5.0.4.

You can find the Download here:

http://www.phpbb2.de/dload.php?action=file&file_id=834

Diese News wurde 26310 mal gelesen und hat 0 Kommentare.

Antworten

phpBB2 Plus 1.53a Language File Vulnerable

Verfasst am 09-22-2007 09:24:35 pm

A critical Security Hole was found in 2 Language Files of phpBB2 Plus 1.5x. Please add this fix very quickly to the following Files:

language/lang_german/lang_main_album.php
language/lang_german/lang_admin_album.php
language/lang_english/lang_main_album.php
language/lang_english/lang_admin_album.php

Open the Files and find at the Top of the file:

Code:

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

add below:

Code:

if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}

Add the Code to all listed files. If you have different languages installed, also add the fix to all other languages !!!

Edit: Please add this fix also : http://www.phpbb2.de/ftopic45080.html

Diese News wurde 27285 mal gelesen und hat 0 Kommentare.

Antworten

Acronym Mod v0.9.5 Remote SQL Injection

Verfasst am 01-01-2007 01:13:34 pm

The Acronym Mod which is included in phpBB2 Plus 1.53 is Vulnerable and should be fixed asap. Please make these codechanges in the file admin/admin_acronyms.php

FIND:

Code:

$acronym_id = ( isset($_GET['id']) ) ? $_GET['id'] : 0;

REPLACE WITH:

Code:

$acronym_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;

FIND:

Code:

$acronym_id = ( isset($_POST['id']) ) ? $_POST['id'] : 0;

REPLACE WITH:

Code:

$acronym_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;

FIND:

Code:

$acronym_id = ( isset($_POST['id']) ) ? $_POST['id'] : $_GET['id'];

REPLACE WITH:

Code:

$acronym_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);

Thanks to The Kuka !

Diese News wurde 42711 mal gelesen und hat 4 Kommentare.

Antworten

phpBB 2.0.22 released !

Verfasst am 12-23-2006 11:09:46 pm

phpBB 2.0.22 released !

phpBB 2.0.22 was released today by the phpBB Group. This release addresses several bugfixes and some security issues. Language pack authors may note that one additional language variable had been added.

It is important that you carry out both parts of the update - updating the files and running the database update script - for updates to be complete.

What has changed in this release?

The changelog (contained within this release) is as follows:

[Fix] Check for user's existence prior to showing email form
[Fix] New members of moderator groups should always become moderators (Bug #382)
[Fix] Proper message when replying to non-existant topics (Bug #459)
[Fix] Changed column type of search_array to store more ids (Bug #4058)
[Fix] Fixed annoyance with font-size selector (Bug #4612)
[Fix] Fix optimize line in database updater (Bug #6186)
[Sec] Check for the avatar upload directory reinforced
[Sec] Changes to the criteria for "bad" redirection targets - kellanved
[Sec] Fixed a non-persistent XSS issue in private messaging
[Sec] Fixing possible negative start parameter - SpiderZ.
[Sec] Added session checks to various forms - kellanved

phpBB 2.0.22 Full Package
phpBB 2.0.22 Updated Files only
phpBB 2.0.22 Patch File
phpBB 2.0.21 to phpBB 2.0.22 Code Changes

phpBB2 Plus 1.53a Core Code Changes to phpBB 2.0.22 Code

phpBB 2.0.22 incl. deutschen Sprachfiles und Grafiken

Diese News wurde 85267 mal gelesen und hat 21 Kommentare.

Antworten

phpBB 2.0.21 updated !

Verfasst am 06-09-2006 10:38:41 am

phpBB 2.0.21 updated !

Graham hat folgendes geschrieben:

It has come to my attention that there may be a bug in this release which will affect those who run a forum with multiple languages installed and in use and lead to the default language being changed under some circumstances.

If this issue is affecting you, the following change should resolve it.

OPEN includes/functions.php

FIND (near line 371)

Code:

$board_config['default_lang'] = $default_lang;
$userdata['user_lang'] = $default_lang;

REPLACE WITH

Code:

$userdata['user_lang'] = $default_lang;

FIND (near line 374)

Code:

elseif ( $board_config['default_lang'] !== $default_lang )

REPLACE WITH

Code:

elseif ( $userdata['user_id'] === ANONYMOUS && $board_config['default_lang'] !== $default_lang )

FIND (near line 384)

Code:

$board_config['default_lang'] = $default_lang;
}

REPLACE WITH

Code:

}

$board_config['default_lang'] = $default_lang;

*new files comming soon*

Diese News wurde 39172 mal gelesen und hat 4 Kommentare.

Antworten

Gehe zu Seite 1, 2, 3 ... 19, 20, 21 Weiter

Google

Newsletter

phpBB2 Toplist

Google Visits
Anzahl Google-Besuche seit dem 20.11.2004: 9073360

Wer ist online?

Insgesamt sind 10 Benutzer online: Kein registrierter, kein versteckter und 10 Gäste.

Registrierte Benutzer: Googlebot

[ Komplette Liste anzeigen ]

Der Rekord liegt bei 2254 Benutzern am Fr 28 Sep, 2012 02:16.

Umfrage

Rate the new Layout

Best one ever [150]

Very Good [188]

I like it [111]

Hmmmm [88]

Don't like it [25]

It suxx [64]

Du musst angemeldet sein um an der Umfrage teilzunehmen

Ressources
Rasenmäher
handy orten

Levis Jeans, Artikelverzeichnis, Themen

Page generation time: 0.1019s (PHP: 87% - SQL: 13%) - SQL queries: 30 - GZIP enabled - Debug on