Discuss: MyBB 1.2.10 Security Update
#18
ZiNga BuRgA Wrote:
labrocca Wrote:Actually on some of my sites I do have png as executable for a specific reason though.
Then that could be part of your issue...

This won't allow config.php file to be re-written, unless:
a) You have FTP details stored on your server, and is retrievable
b) The file is CHMOD'd to be writable

Why would you need to execute PNG anyway? You can have a "fake" .png file, with a PHP script behind it, but most servers are set up to parse only .php and .php# files as PHP scripts.

If you have a "fake" png file, and you're using Apache, just use mod_rewrite. Smile


Messages In This Thread
RE: Discuss: MyBB 1.2.10 Security Update - by roy - 2007-12-29, 11:47 PM
RE: Discuss: MyBB 1.2.10 Security Update - by DCR - 2007-12-29, 11:50 PM
RE: Discuss: MyBB 1.2.10 Security Update - by Sephiroth - 2007-12-30, 05:31 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)