If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Security  XML
Forum Index » General Discussion
Author Message
cndgirl
Beginner

Joined: 17/04/2004 18:27:27
Messages: 13
Offline

Is there some security issue's with this guestbook? I know first time I installed, made the mistake of deleting my database. BUT this time I once again lost my guestbook and It wasn't on my part!! wtf is going on with this script?
mittineague
Newbie

Joined: 05/06/2004 00:51:53
Messages: 1
Location: Massachusetts
Offline

I am using Guestbook v2.2 on a LAMP server. Periodically I check it for new posts. Today, (June 6, '04), the page displayed only the logo and the sign and admin links, and hung. When I checked the database tables, the data table was intact. However, the config table had been altered. The font_face field had been changed to end the font tag and write an iframe tag leading to another site, where the first action was an attempt to overwrite the browser's "home" setting. Although I have not been able to replicate the table alteration, I believe that the SECURITY HOLE is in the application's use of $_POST_VARS, and their not being validated. I have added a $_SESSION check - redirect, to my guestbook pages to limit it's use to legitimate site visitors. I will next add a preg_replace() to validate the $_POST_VARS. Hope this helps!

I have not failed. I've just found 10,000 ways that won't work. ~Thomas Edison
[WWW]
Kiseqer
Beginner

Joined: 21/06/2022 14:46:43
Messages: 15
Offline

Kommt auf das Unternehmen und seine Anforderungen an, denke ich. Ich habe nie etwas Ausgefallenes gesucht - ich habe gute Bekannte des Meisterschlüsseldienstes 370 https://schluesseldienst-365.de/schluesseldienst-in/stuttgart/ die zu jeder Tages- und Nachtzeit sowie am Wochenende arbeiten. Ich weiß, dass diese Leute in der Lage sein werden, Ihnen bei Bedarf zu Hilfe zu kommen. Wenn es also irgendwelche Nuancen mit den Türen gibt, können Sie sicher Kontakt aufnehmen. Sie werden nicht enttäuscht sein, das ist sicher.
Barry
Newbie

Joined: 28/09/2023 14:33:59
Messages: 1
Offline

Very usefull information.
 
Forum Index » General Discussion
Go to:   
Based on the open source JForum