Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
Security Issues  XML
Forum Index » Support Forum
Author Message
[Post New]17/09/2006 20:56:52
    Subject: Security Issues
[Up]
edfel
Beginner

Joined: 27/04/2002 18:24:50
Messages: 9
Location: Cayey, Puerto Rico
Offline
Hi:

Could someone tell IF these security issues are still present on AP:
http://www.auditmypc.com/network-security/network-security-582006.asp

This is very important, IMO.

Later

:roll: :? :cry:
[Email]
[Post New]17/09/2006 23:50:28
    Subject:
[Up]
edfel
Beginner

Joined: 27/04/2002 18:24:50
Messages: 9
Location: Cayey, Puerto Rico
Offline
Hi:

It appears the security problem is related with magic_quotes_gpc.

If magic_quotes_gpc is disabled, a remote attacker could send specially-crafted SQL statements to the include/class_poll.php script using the User-Agent header value, which could allow the attacker to add, modify, or delete information in the back-end database.


An alternative is to be sure magic_quotes_gpc is ON.

Later

8)
[Email]
[Post New]19/09/2006 11:23:53
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
Yes they are probably still valid but this is why AP 2.0.5 is in development and available on the downloads page.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum