XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module reviews 
  4.  / Not Safe or Recommended Module List! Are they Hackable?
Register
1
script_fu
Not Safe or Recommended Module List! Are they Hackable?

/modules/xt_conteudo/admin/spaw/spaw_control.class.php
/modules/cjaycontent/admin/editor2/spaw_control.class.php
/modules/tinycontent/admin/spaw/spaw_control.class.php
/modules/xfsection/modify.php
/modules/icontent/include/wysiwyg/spaw_control.class.php

These modules have never been installed on my sites. Yet people are trying to access this? Looks like spaw is a problem? Is this correct?

Whats in your logs?
2
skenow
Re: Not Safe or Recommended Module List! Are the Hackable?

  • 2007/10/18 23:35

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Yes - SPAW is vulnerable
3
script_fu
Re: Not Safe or Recommended Module List! Are they Hackable?

I missed that one. I am on here all the time. Thats scary I wonder what else I have missed? Heck what about the rest of the public?

Hum where is the security page for xoops. There should be a block on the front of this site. With a link to all know security issues with XOOPS that can be solved. Date should be added to the report to give weight to the issue and how it was solved and when.
4
script_fu
Re: Not Safe or Recommended Module List! Are they Hackable?

I haven't looked in the drop down box in the news section in years. I forgot it was even there.
5
script_fu
Re: Not Safe or Recommended Module List! Are they Hackable?

There still should be a link to it on the front page thats says security.
6
MadFish
Re: Not Safe or Recommended Module List! Are they Hackable?

  • 2007/10/19 1:20

  • MadFish

  • Friend of XOOPS

  • Posts: 1056

  • Since: 2003/9/27


Definitely, not very user friendly (I don't think I've ever noticed that before!). And an email alert to members when there's a security issue would help get people's sites patched quickly too.
7
script_fu
Re: Not Safe or Recommended Module List! Are they Hackable?

Yep the lost categories... Whats up with that? It shocked me when I found them! Where did they come from? lol

I do remember going thru what was there years ago. Never gave it any thought after that. I always turn that block off in my XOOPS sites its a waste of time and link directly to the cat.
8
skenow
Re: Not Safe or Recommended Module List! Are they Hackable?

  • 2007/10/19 2:40

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Quote:

script_fu wrote:
Yep the lost categories... Whats up with that? It shocked me when I found them! Where did they come from? lol

I do remember going thru what was there years ago. Never gave it any thought after that. I always turn that block off in my XOOPS sites its a waste of time and link directly to the cat.


Something to consider as the site is 'redesigned' (repurposed might be closer to the real need) - what to put on the main page?

Recent News - definitely, but need to look at the categories and how articles gain the spotlight. My perspective - I come here for the news about XOOPS and its development, and examples of how XOOPS is used. More important than the latest forum post is the information about XOOPS and what is relevant. From a marketing perspective, the recent news and spotlight does more to send people away than it does to attract.

Getting started - what do I need, where do I get it and what do I do next?

Navigation to the other things I might need - support, documentation, modules and themes. K.I.S.S.
9
snow77
Re: Not Safe or Recommended Module List! Are they Hackable?

  • 2007/10/19 4:19

  • snow77

  • Just can't stay away

  • Posts: 864

  • Since: 2003/7/23


Quote:
/modules/xt_conteudo/admin/spaw/spaw_control.class.php
/modules/cjaycontent/admin/editor2/spaw_control.class.php
/modules/tinycontent/admin/spaw/spaw_control.class.php
/modules/xfsection/modify.php
/modules/icontent/include/wysiwyg/spaw_control.class.php


Why use 5 content modules when 1 can do everything? Find a content module that's enough group permissions to do what you need and use categories to divide sections. Koivi and xoopseditors have worked well enough for what I've built. None is perfection but spaw in XOOPS isn't it.

BTW, SPAW should had been a word in your subject.
10
Bassman
Re: Not Safe or Recommended Module List! Are they Hackable?

  • 2007/10/19 5:32

  • Bassman

  • Friend of XOOPS

  • Posts: 1272

  • Since: 2003/5/23


Quote:

snow77 wrote:
Quote:
/modules/xt_conteudo/admin/spaw/spaw_control.class.php
/modules/cjaycontent/admin/editor2/spaw_control.class.php
/modules/tinycontent/admin/spaw/spaw_control.class.php
/modules/xfsection/modify.php
/modules/icontent/include/wysiwyg/spaw_control.class.php


Why use 5 content modules when 1 can do everything? Find a content module that's enough group permissions to do what you need and use categories to divide sections. Koivi and xoopseditors have worked well enough for what I've built. None is perfection but spaw in XOOPS isn't it.

BTW, SPAW should had been a word in your subject.


He didn't say he was using them. He said someone is looking for them on his site to exploit them to hack.
(1) 2 »

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

457 user(s) are online (323 user(s) are browsing Support Forums)

Members: 0

Guests: 457

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits