Sorry, I explained the security thing terribly.
What I meant security problems is even if you get it running on PHP 8.2, the security updates since your version of phpBB will need to be backported to your version or the vulnerabilities will still exist.
You'd be surprised how long (and stealthily) an exploit can be used. I'm currently helping someone move off phpBB 2.0.15, and I let them know there are many open vulnerabilities for it. I ran a clamscan on it and found the items below!
language/lang_english/email/robots.php: YARA.md5_4aa900ddd4f1848a15c61a9b7acd5035.UNOFFICIAL FOUND
openx/www/admin/pas.php: YARA.md5_4aa900ddd4f1848a15c61a9b7acd5035.UNOFFICIAL FOUND
openx/www/admin/swf.delivery.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx/plugins/swf.rack.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx/var/swf.rack.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
modules/gallery/setup/check_imagemagick.php: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
modules/gallery/setup/check_netpbm.php: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
admin/userpost.php: YARA.webshell_PHPRemoteView.UNOFFICIAL FOUND
files/gallery-V1-phpbb2-integrated.tar.gz: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
privmsg.orig.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2006-06-24: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-09-21: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-05-10: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.new: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.xsmod: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.backup: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body_new.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2004-05-26: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body41.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2004-05-27: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-04-07: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.ads: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body-pre41.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl-no-google-homepage-ads-on-login: {HEX}php.include.remote.481.UNOFFICIAL FOUND
openx_old/plugins/swf.delivery.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx_old/etc/plugins/openXVideoAds.zip: Legacy.Trojan.Agent-30765 FOUND
Some of these are remote shells which let them easily look around the system.
What I meant security problems is even if you get it running on PHP 8.2, the security updates since your version of phpBB will need to be backported to your version or the vulnerabilities will still exist.
You'd be surprised how long (and stealthily) an exploit can be used. I'm currently helping someone move off phpBB 2.0.15, and I let them know there are many open vulnerabilities for it. I ran a clamscan on it and found the items below!
language/lang_english/email/robots.php: YARA.md5_4aa900ddd4f1848a15c61a9b7acd5035.UNOFFICIAL FOUND
openx/www/admin/pas.php: YARA.md5_4aa900ddd4f1848a15c61a9b7acd5035.UNOFFICIAL FOUND
openx/www/admin/swf.delivery.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx/plugins/swf.rack.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx/var/swf.rack.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
modules/gallery/setup/check_imagemagick.php: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
modules/gallery/setup/check_netpbm.php: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
admin/userpost.php: YARA.webshell_PHPRemoteView.UNOFFICIAL FOUND
files/gallery-V1-phpbb2-integrated.tar.gz: {HEX}php.exe.globals.417.UNOFFICIAL FOUND
privmsg.orig.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2006-06-24: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-09-21: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-05-10: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.new: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.xsmod: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.backup: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body_new.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2004-05-26: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body41.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2004-05-27: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.2005-04-07: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl.ads: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body-pre41.tpl: {HEX}php.include.remote.481.UNOFFICIAL FOUND
templates/subSilver/portal_body.tpl-no-google-homepage-ads-on-login: {HEX}php.include.remote.481.UNOFFICIAL FOUND
openx_old/plugins/swf.delivery.php: {HEX}php.cmdshell.generic.280.UNOFFICIAL FOUND
openx_old/etc/plugins/openXVideoAds.zip: Legacy.Trojan.Agent-30765 FOUND
Some of these are remote shells which let them easily look around the system.
Statistics: Posted by ftsservice — Thu May 30, 2024 7:01 pm