WF-Sections V2: New Exploits and Security Issues (Users MUST READ this)
Category : Security
Published by Mamba on 15-Apr-2008 08:03
As always, XOOPS developers are committed to ensuring the highest security of XOOPS code. The message below comes from Catzwolf:


If you are still using WF-Sections v1+ and v2+ then I suggest that you read this please.

It has come to my attention that there is a few very bad security exploits that some people could use to gain access to your website. I suggest that all users of this module should either:

1. Deactivate the module for the time being (recommended) or..
2. Renaming XOOPS_ROOT_PATH/modules/wfsections/ratefile.php and print.php.

I am now in the process of doing a full audit of all the WF-Sections code and closing these and all possible security risks that may arise in the future.

I will keep you all posted on an update.

John (AkA Catzwolf)

To follow the story, please visit our discussion Forum.