Finally my post appeared on BugTraq :)
I have described the vulnerablity, but no exploit script is posted there. Also I have attached my patch against the problem.
Will phpBB.com accept or just ignore this for the third time? (Yes, I have posted it to email@example.com for two times, one is 5 weeks before, and one is 1 week before, and I then post it on BugTraq) I am not sure, but well… Ok. I can’t be still silent because phpBB must take action on their product.