chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess

kris1351

Well-Known Member
Apr 18, 2003
963
0
166
Lewisville, Tx
I was fighting with someone attempting this a couple of weeks ago. The server was fine, but the customer was having their site shut down repeatedly after we sent in notices of issues.
 

rpmws

Well-Known Member
Aug 14, 2001
1,822
8
318
back woods of NC, USA
anyone know an easier source for this update across our servers ..then to do all of them by hand? I don't see the .19 in my WHM yet ..cPanel taking their time on this one i think :(
 

Jeff-C

Well-Known Member
Mar 16, 2004
116
0
166
It's interesting because the announcement at http://www.phpbb.com/phpBB/viewtopic.php?t=352966 seems to imply that the server is not vulnerable because of these issues:

# [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
# [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled

What does "only valid for Internet Explorer" mean?
 

Jeff-C

Well-Known Member
Mar 16, 2004
116
0
166
vbulletin had the same growing pains until version 3.x introduced the plugin system which makes upgrading while keeping most customizations a breeze.
 
Last edited:

kris1351

Well-Known Member
Apr 18, 2003
963
0
166
Lewisville, Tx
Vbulletin, IPB or SMF have had as many problems as phpBB. They are to they point they are having to release a major fix each and every month now. Some of these releases have been server threatening even on secured boxes.