On Mon, 2006-09-18 at 20:00 +0200, Stefan Fritsch wrote:
> phpBB 2.0.21 does not properly handle pathnames ending in %00, which
> allows remote authenticated administrative users to upload arbitrary
> files, as demonstrated by a query to admin/admin_board.php with an
> avatar_path parameter ending

Package: phpbb2
Severity: important
Tags: security
A vulnerability has been found in phpBB:
phpBB 2.0.21 does not properly handle pathnames ending in %00, which
allows remote authenticated administrative users to upload arbitrary
files, as demonstrated by a query to admin/admin_board.php with an