The phpBB exploit as detailed here: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

was mentioned by someone on this forum before. However, I don't think it was fully resolved if newBB was vulnerable to this same exploit. Doing a simple search of newBB's viewtopic.php yielded no code that matched the vulnerable code presented in the phpBB forum post. I believe I'm using newBB 1.0 (or if this doesn't sound right, whatever version came bundled with XOOPS 2.0.7). I would like to know if newBB is in fact vulnerable to this same exploit. Looking at the changelog for newBB 2.0 doesn't mention anything about this, so maybe it doesn't affect newBB?

Oops, it looks like it was resolved in the second page of the phpBB exploit thread in this forum. The search feature brought me to the first page and I didn't realize (due to the small multi-page icons) that it continued onto the next page.

Anyway, disregard this post.