Xoops site hacked! [Xoops Bug Reports] - XOOPS Web Application System

Xoops site hacked!

2005/7/7 18:50
sikey
Not too shy to talk
Posts: 151
Since: 2003/4/29

I would like to warn all XOOPS 2.0.6 users to upgrade their sites! My site was hacked last night. the thing i can see is located in db%3Asystem_block_user.html -> someone added this...

Quote:

<script>document.location="http://www.varialis.com";</script>

Is this a known risk in this XOOPS version?

Xoops and Adsense Tips!

Software Downloads

Re: Xoops site hacked!

2005/7/7 19:08
Mithrandir
XOOPS is my life!
Posts: 6320
Since: 2003/6/21

Until we know how the file was changed, we can't really judge the risk.

"When you can flatten entire cities at a whim, a tendency towards quiet reflection and seeing-things-from-the-other-fellow's-point-of-view is seldom necessary."

Cusix Software

Re: Xoops site hacked!

2005/7/7 20:49
sikey
Not too shy to talk
Posts: 151
Since: 2003/4/29

Can you help me find out how the file was changed?

Xoops and Adsense Tips!

Software Downloads

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Xoops site hacked!

Re: Xoops site hacked!

Re: Xoops site hacked!

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}