Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:10848
HistoryDec 30, 2005 - 12:00 a.m.

phpbb2.0.19 fixes security issues

2005-12-3000:00:00
vulners.com
10
JSON

re: http://www.phpbb.com/phpBB/viewtopic.php?t=352966

[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
[Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled
[Sec] added configurable maximum login attempts to prevent dictionary attacks

Other fixes:

[Fix] corrected index on session keys table under MS SQL
[Fix] added session keys table to backup
[Fix] delete session keys entries when deleting user
[Fix] changes to support MySQL 5.0
[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu
[Fix] change truncation of username length in usercp_register.php - BFUK
[Fix] incorrect path to avatars in admin_users.php (Bug #667)
[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez
[Fix] fixed captcha for those not having the zlib extension enabled
[Change] Placed version information above who is online in admin panel for better visual presence


Paul Laudanski, Microsoft MVP Windows-Security
[cal] http://events.castlecops.com
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com

JSON