my phpBB hacked!

[Galen]

http://www.snipeme.com/board/viewtopic.php?p=4597&#4597

Very Interesting. So apparently phpBB 2.0.10 is extremely easy to hack. Well, in return for the dude showing me this, I'm posting here to let everyone who uses phpBB know about this. I'm not particularly concerned about since I do frequent backups and any mass deletion of my forum would be a waste of time for any hacker.

At least this guy appears to be one of the "good guys" and not some stupid script kiddie.

[Spathiphyllum]

Just curious... how much of a hassle would it be to upgrade? Wouldn't that be easier than worrying about being "known-hack vulnerable" and responding every time the same haxor visits? Backing up your site may very well be easy but it still means that it could come down at an inconvenient time.

Granted, the next version won't be hack-proof either, but why let the script-kiddie dictate your site maintenance schedule?

Incidently, I don't use the software so maybe it is more trouble than it's worth to update. It just strikes me as curious.

[Vin DSL]

Um...

Maybe you missed this:
phpBB 2.0.11 Upgrade Reminder

[Vin DSL]

Incidently, I don't use the software so maybe it is more trouble than it's worth to update. It just strikes me as curious.

Piece of cake...

[Galen]

You're right Vin, I did miss that. I'll be upgrading asap now. Thanks!

[ChanceR]

For those of you who haven't upgraded yet

http://www.google.com/search?hl=en&q...+generation%22

http://news.zdnet.com/2100-1009_22-5...ml?tag=nl.e589

[JPC-Greg]

Vin, ill borrow your post for a news and updates notice on this.

[JPC-Greg]

nevermind, les beat me to it

[BNX]

I dont think this deserves its own thread, but here it is here, I had my phpnuke portal hacked recently. And I suspect the user used SQL Injection and set himself as god admin. Hes gone now, but I was hoping someone knew of a security patch for this?