digip Posted October 12, 2007 Posted October 12, 2007 Has anyone here ever used: http://www.myupb.com/ and is it a security risk over things like phpBB? I know a lot of people say stay away from phpBB, so I tried something new and went with UPB becasue we do not have access to creaty any MySql databases at the moment. UPB was fairly easy to setup, but there is so much code, I cannot manage to go through all of it and check for holes. Not that I would even know where to begin. I see 3 out of 5 Secunia vulnerabilities are unpatched for cross site scripting vulnerabilities, but it only lists them for versions 1.x.etc There doesn't seem to be anything found for versions later than 2.1.x I am using version 2.1.1b and did not find aything on it from milworm or secunia or http://www.us-cert.gov (or any other google searches) but wanted to check with the Hak5 community just in case there is something I am not aware of or settings I can change to turn off or block weak features. Quote
Mark Manching Posted October 12, 2007 Posted October 12, 2007 Has anyone here ever used: http://www.myupb.com/ and is it a security risk over things like phpBB? I know a lot of people say stay away from phpBB, so I tried something new and went with UPB becasue we do not have access to creaty any MySql databases at the moment. UPB was fairly easy to setup, but there is so much code, I cannot manage to go through all of it and check for holes. Not that I would even know where to begin. I see 3 out of 5 Secunia vulnerabilities are unpatched for cross site scripting vulnerabilities, but it only lists them for versions 1.x.etc There doesn't seem to be anything found for versions later than 2.1.x I am using version 2.1.1b and did not find aything on it from milworm or secunia or http://www.us-cert.gov (or any other google searches) but wanted to check with the Hak5 community just in case there is something I am not aware of or settings I can change to turn off or block weak features. UPB?? not yet i am still using SMF much secure than phpBB :-) Quote
digip Posted October 12, 2007 Author Posted October 12, 2007 @Mark Manching - Thanks for the reply. From what I can see online, it is much better than phpBB, but I just wanted to make sure there wasn't somethings about UPB that I should know about or settings to go over. The thing I like about UPB is you do not need MySql, and since we can't create any MySql databases, this helps us tremendously. They set his account up with one DB and we are currently using it for Wordpress. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.