Home » General » sticky Security Release - NinkoBB 1.3RC5 (4 Posts)
I should probably update this security flaw too! - Aldarn
--------------------------------------------------------------------------------------------------------------------------------
Please update your files or if you don't want to risk all of the files just `admin.php` exploit was found here:
http://packetstormsecurity.org/filedesc/ninkobb-addadmin.txt.html
I have fixed the exploit and yes it did work. I tested it on my own copy of it. I forgot to exit or kill the PHP process and forms ignore headers. Human error. Well, its fixed in RC5 and this was a very quick release with no fixes other than that one as I found out about it about 10 minutes ago.
Downloads can be found here.
--------------------------------------------------------------------------------------------------------------------------------
Please update your files or if you don't want to risk all of the files just `admin.php` exploit was found here:
http://packetstormsecurity.org/filedesc/ninkobb-addadmin.txt.html
I have fixed the exploit and yes it did work. I tested it on my own copy of it. I forgot to exit or kill the PHP process and forms ignore headers. Human error. Well, its fixed in RC5 and this was a very quick release with no fixes other than that one as I found out about it about 10 minutes ago.
Downloads can be found here.
Also works in v1.2x just had my site hit with it...
