phpBB.com have announced that their phpBB software contains a critical vulnerability.
This news comes just days after the release of 2.0.12, which was released to adress certain other vulnerabilities.
Exploitation of this vulnerability gives administrative rights, meaning arbitrary code can be executed.
This could mean that we see a Santy-like scenario all over again, with a lot of servers being affected.
Although I believe we would see only a few defaced websites in this case, instead I’m expecting a lot of zombies.
phpBB.com have released version 2.0.13 which is no longer vulnerable for this vulnerability.
You are severely urged to update to the latest version as soon as possible.