Topic: Remote Vulnerabilities (Read 2759 times)

Jeff · « **on:** April 05, 2009, 01:21:39 AM »

Hey i have been with this project since the beginning and i couldn't be happier that its back...
Im looking forward to helping improve the project and watch it grow once again....

But the one thing i remember from before it was closed was this injection below is a link talking about it....

Hope this helps.....

http://www.milw0rm.com/exploits/4139

and my site will be back up soon..... i just have to find my year old backups lol

naxtra · « **Reply #1 on:** April 05, 2009, 06:08:33 PM »

hmm...thx...

is there any solution to it

Jeff · « **Reply #2 on:** April 05, 2009, 09:31:28 PM »

ya there is... there always is... im sure this will be patched in .30 or 1.0(what ever its oging to be lol)

im lookinf into a fix for .21 tho

Chris (krissy) · « **Reply #3 on:** April 05, 2009, 09:58:16 PM »

Quote from: jsuthers on April 05, 2009, 09:31:28 PM

ya there is... there always is... im sure this will be patched in .30 or 1.0(what ever its oging to be lol)

im lookinf into a fix for .21 tho

Here was a fix but i've lost it $:-\$

I'll get it from ben though..

naxtra · « **Reply #4 on:** April 05, 2009, 11:08:45 PM »

Thx - hope Ben has it

Chris (krissy) · « **Reply #5 on:** April 06, 2009, 03:09:28 PM »

Quote from: naxtra on April 05, 2009, 11:08:45 PM

Thx - hope Ben has it

I've gave ben an email and will post this fix as soon as i have it.

Jeff · « **Reply #6 on:** April 06, 2009, 11:36:49 PM »

Sweet thank you

Dudditz · « **Reply #7 on:** April 14, 2009, 09:51:36 PM »

Thats weird - I have been running 0.21 since June of last year and those exploits do not work when I tried.
Site running on a subdomain with php 5.2.5 globals_off so was this possibly relying on older versions of php or globals being on?

Chris (krissy) · « **Reply #8 on:** April 15, 2009, 10:43:12 PM »

There was a few bugs allowing such things but they have been fixed and released in our latest update

.

Jeff · « **Reply #9 on:** April 16, 2009, 12:54:40 AM »

Quote from: krissy on April 15, 2009, 10:43:12 PM

There was a few bugs allowing such things but they have been fixed and released in our latest update .

by the way great job on the release and fixing the bugs..... kudos to Simpsonking

naxtra · « **Reply #10 on:** April 16, 2009, 11:33:42 PM »

Thanks a lot PhPD Team!!!

News:

Author Topic: Remote Vulnerabilities (Read 2759 times)

Jeff

Remote Vulnerabilities

naxtra

Re: Remote Vulnerabilities

Jeff

Re: Remote Vulnerabilities

Chris (krissy)

Re: Remote Vulnerabilities

naxtra

Re: Remote Vulnerabilities

Chris (krissy)

Re: Remote Vulnerabilities

Jeff

Re: Remote Vulnerabilities

Dudditz

Re: Remote Vulnerabilities

Chris (krissy)

Re: Remote Vulnerabilities

Jeff

Re: Remote Vulnerabilities

naxtra

Re: Remote Vulnerabilities