[VIM] [Change Request] 15931: Smartor Photo Album for phpBB (fwd)

[security curmudgeon]

: ---------- Forwarded message ----------
: From: Smartor XP <smartor_xp at hotmail.com>
: To: moderators at osvdb.org
: Cc: dcrab at hackerscenter.com
: Date: Mon, 23 May 2005 01:31:50 +0700
: Subject: [OSVDB Mods] [Change Request]  15931: Smartor Photo Album for phpBB
: 
: I am Smartor. Ive just imformed about this
: http://www.osvdb.org/displayvuln.php?osvdb_id=15931
: 
: I am sure that is false bug report, because my album has not album_search.php
: at all :D
: 
: Maybe Diablic Crab missed my own written album with some (many) others
: modified versions (by other programmers) around the Internet


The vendor figured out what software was really vulnerable. I ended up 
editing the entry on our site to refer to the mod (search) of a mod 
(photo album) for phpBB. That promises to get messy as time passes! 
Imagine when we're tracking these vulnerabilities and a popular module for 
PHP-Nuke, PostNuke or phpBB gets edited and re-edited several times, each 
with a very blurry public history as to the ownership of the code.


---------- Forwarded message ----------
From: Smartor XP <smartor_xp at hotmail.com>
To: dcrab at hackerscenter.com, jericho at attrition.org
Date: Mon, 23 May 2005 09:32:31 +0700
Subject: Re: [Change Request] 15931: Smartor Photo Album for phpBB

Hi DCrab,

I never use phpBB Plus. My site is running my own personalized version of 
phpBB. And all your advisories do not work at my site, of course :)

About album_search.php, it is a mod (by Clown) for my Photo Album. There 
are so much mods for my photo album by a lot developers, and i (cant) take 
no responsible of those mods, like phpBB Group does not take responsible 
of mods too.

You should inform yourself before posting. Your advisories are not clearly 
correct ;)

Smartor