1
jamesbond420
Xoops Security Issues

Is there a way to contact the XOOPS developers in regards to security issues?

2
jdseymour
Re: Xoops Security Issues

I will confirm procedures for this in the morning when Herko and Mith are online. For now if it is urgent contact one of them directly.

I will see if we can set up some kind of secure reporting structure.

3
jamesbond420
Re: Xoops Security Issues

Well, the issues are fairly serious as it is highly exploitable sql injection in core xoops. My email address is security a|t gulftech d|o|t org

Thanks :)

4
Anonymous
Re: Xoops Security Issues
  • 2005/6/25 6:10

  • Anonymous

  • Posts: 0

  • Since:


please, share this information for all

not in private

5
kgmetcalfe
Re: Xoops Security Issues
  • 2005/6/25 7:57

  • kgmetcalfe

  • Just popping in

  • Posts: 95

  • Since: 2005/3/24


no i dont think so... keep it inside away from the likes of you ... that wont use your real name.


come out of the darkness and be recognized. that is if you have the guts...

6
Herko
Re: Xoops Security Issues
  • 2005/6/25 8:05

  • Herko

  • XOOPS is my life!

  • Posts: 4238

  • Since: 2002/2/4 1


Quote:

jamesbond420 wrote:
Well, the issues are fairly serious as it is highly exploitable sql injection in core xoops. My email address is security a|t gulftech d|o|t org

Thanks :)

Can you send the information you have on this to security|at|xoops|dot|org ? That way we can deal with it as quick as possible! And thanks for the heads up!

Herko

7
jamesbond420
Re: Xoops Security Issues

All issues have been reported to Jan Pedersen :) Have you guys considered adding yourselves to this list?

http://www.osvdb.org/vendor_dict.php

Would make finding contact info alot easier :)

8
Mithrandir
Re: Xoops Security Issues

Quote:

Have you guys considered adding yourselves to this list?

I am now

Thanks for directing our attention there.
"When you can flatten entire cities at a whim, a tendency towards quiet reflection and seeing-things-from-the-other-fellow's-point-of-view is seldom necessary."

Cusix Software

9
javier
Re: Xoops Security Issues
  • 2005/6/26 15:02

  • javier

  • Not too shy to talk

  • Posts: 184

  • Since: 2002/8/6 1


Quote:

Anonymous wrote:
please, share this information for all

not in private


That have not sense, the only people who must know about that are the XOOPS developers,
Sharing with all the people, the only thing will do, is make the XOOPS sites more vulnerable.

excuse my bad english.
grettings
Javier

Login

Who's Online

358 user(s) are online (250 user(s) are browsing Support Forums)


Members: 0


Guests: 358


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits