Exploitation of phpBB highlight parameter vulnerability
Original release date: December 21, 2004
Last revised: December 22, 2004
Source: US-CERT
Systems Affected: phpBB versions 2.0.10 and prior.
OverviewThe software phpBB contains an input validation problem in how it processes a parameter contained in URLs. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board.
News source:
ieXbeta
Full story:
View Here