2 matches found
phpbb2013user.txt
------------------------------------------------------------------------ phpBB 2.0.13 user level exploit By : Morinex e-mail : [email protected] date : 20-03-2005 greetz : Ali7 for helping me =P , Zeltha , code , ASC and w00pie.NL Exploit not founded by me! Dunno who is the founder of this bug. T...
phpBB 2.0.13 - user level exploit
This one goes for all phpBB versions up to 2.0.13. While applying and testing the patch for the autologin bug I found that phpBB2 doesn't reset the $userdata'userlevel' variable after a failed autologin. This is the vulvernable code in sessions.php: if $userid != ANONYMOUS $autologinkey =...