NYCPHP Meetup

[nycphp-talk] php bulletin boards

Steve Manes smanes at magpie.com
Mon Jan 3 17:58:50 EST 2005


Yury Rush wrote:
> Hi -- there was an exploit a few weeks ago that affected phpBB boards..
> thousands were hacked via a worm that found phpBB sites using google's
> search..

That exploit is actually a bug in PHP's unserialize(), not PHPBB.

There are several exploits in 4.3.9 and 5.0.2:

http://national.auscert.org.au/render.html?it=4636



More information about the talk mailing list