You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 242 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Does recent BBCode (non-nuke) vulnerability apply to Nuke ? [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

 
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
Author Message
lamamike
Nuke Soldier
Nuke Soldier


Joined: Sep 20, 2003
Posts: 13


PostPosted: Sun Oct 05, 2003 5:20 am Reply with quoteBack to top

Recently, the phpBB group reported the following error:

Quote:
BBCode vulnerability - Important by psoTFX
10 Sep 2003
A vulnerability exists in recent versions of phpBB allowing xss to be used in the bbcode URL tag.

Please see http://www.phpbb.com/phpBB/viewtopic.php?t=135116 for further information. This is a serious matter and we urge all users to take appropriate action.


I'm running nuke 6.9 and have upgraded to the 2.0.6 bb2Nuke port. I checked out the thread and file includes/bbcode.php that it suggests to modify; however, the 2.0.6 bb2Nuke port file is different than the phpBB-only file, because I can't match the "before" code in the thread to my file in order to change it to the "after."

Can a knowledgeable administrator/moderator tell me if the problem is not present in the bb2Nuke port replacement files, or if it is. And if so, if nukecops can post some replacement code to edit these files??

Thanks for your time and help! The world is a better place with people who take the time to act as catalysts for the open source world!
Find all posts by lamamikeView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.049 Seconds - 121 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::