PEAK XOOPS - News in englishin japanese

Archive | RSS |
  
Poster : GIJOE on 2005-11-16 05:03:00 (9763 reads)

in englishin japanese

TITLE:
Xoops "xoopsConfig[language]" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA17573

VERIFY ADVISORY:
http://secunia.com/advisories/17573/

CRITICAL:
Moderately critical

IMPACT:
Exposure of sensitive information

WHERE:
>From remote

SOFTWARE:
Xoops 2.x
http://secunia.com/product/327/

DESCRIPTION:
rgod has discovered a vulnerability in Xoops, which can be exploited
by malicious people to disclose sensitive information.



This POC is just under the environment with register_globals on.
All you have to do is turn register_globals off.

And there are a mistake in "SOFTWARE" section.

Quote:


SOFTWARE:
Xoops 2.2.x


There are no such vulnerablities with 2.0.13.2 and 2.0.13a-JP


0 comments

Poster : GIJOE on 2005-11-13 07:00:58 (11801 reads)

in englishin japanese

Fatal error: Only variables can be passed by reference

has occorred in PHP 5.0.5.

Though It looks is almost a bug of PHP 5.0.5, I have to modify my codes for the environments.

I've already fixed myblocksadmin and mymenu.
The other modules will be mofidied later.

0 comments

Poster : GIJOE on 2005-11-12 06:27:37 (11776 reads)

in englishin japanese



I'll release my second book named "PHP Cyber-Terrorizing".

In this book, I wrote the practical tecnique to protect from almost attacks via web application writting in PHP like XOOPS.


"PHP Cyber-Terrorizing" by GIJOE
Socym http://www.socym.co.jp/
release date 2005/11/25


Poster : GIJOE on 2005-11-12 06:01:26 (18360 reads)

in englishin japanese
I'm sorry that I'm absent from XOOPS world.
That's caused by my hard works
Since almost works has ended, I'll start to maintain my modules and my site soon.


Poster : GIJOE on 2005-08-10 05:43:39 (11405 reads)

in englishin japanese

myblocksadmin is code flagments for developpers to achive blocks/groups admin by each modules.

I've just modified myblocksadmin for XOOPS 2.2.

If you use myblocksadmin, update it please.
It makes your module "XOOPS 2.2 compatible".

And I've just updated xhld, and I've confirmed xhld 3.00 works fine with XOOPS 2.2.
(Hey, Mithrandir! I've kept the promise with you. )


I know the implementations for 2.2 is not perfect yet.

TODO:
- escape the routine for restoring block's option in X2.2
- "edit block" in myblocksadmin
- "delete block" in myblocksadmin
- custom block for "blocksadmin module"


« 1 2 3 (4) 5 6 7 ... 13 »
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!