FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » Bug Reports » FUDforum Security Vulnerability Notification
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
FUDforum Security Vulnerability Notification [message #168196] Thu, 28 February 2013 20:32 Go to next message
htbridge is currently offline  htbridge
Messages: 1
Registered: February 2013
Karma: 0
Junior Member
Hello,

High-Tech Bridge Security Research Lab has discovered a security vulnerability in FUDforum 3.0.4

Preview available here: www.htbridge.com/advisory/HTB23146

Developers can contact us by email for details: advisory (at) htbridge.com

For any questions related to this notification message - please visit our General Information & Disclosure Policy page: www.htbridge.com/advisory/disclosure_policy.html

Best regards,
High-Tech Bridge Security Research Lab
Re: FUDforum Security Vulnerability Notification [message #168207 is a reply to message #168196] Sun, 03 March 2013 19:25 Go to previous message
naudefj is currently offline  naudefj   
Messages: 3771
Registered: December 2004
Karma: 28
Senior Member
Administrator
Core Developer
Patch is available at http://fudforum.svn.sourceforge.net/viewvc/fudforum/trunk/install/www_root/ adm/admreplace.php?r1=4981&r2=5593

Users should not be overly concerned as this exploit requires administrator access to the forum.

Best regards.
Frank
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: home and banner are opening in new window when clicked
Next Topic: NNTP Subject Encoding Bug
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 02:31:39 GMT 2024

Total time taken to generate the page: 0.02835 seconds