| Author |
Message |
![[Post New]](/forum/templates/html/images/icon_minipost_new.gif) 22/11/2004 10:25:31
|
Anonymous
|
high@ll
someone deleted all the entries from my guestbook yesterday! 
i just changed the password again, extremely complicated now (it was a little bit too easy before)
can someone tell me, how i can prevent this in the future?
is it normal, that i have to enter the password again and again in the administration menu although i just didn't klick anything for just two minutes?
please help me... 
greetings stratos
|
|
|
22/11/2004 11:14:14
|
Anonymous
|
You should seriously read the forum posts before posting. First, ensure you have html disallowed. Second, make sure you are not vulnerable to SQL injections. Seriously, it's not difficult, but if you dont bother then you can type anything for the username and let the password be ') OR (''=' and it logs you in to the admin section.
|
|
|
22/11/2004 14:01:12
|
Anonymous
|
thanks Anon
sorry i'm not a crack, what are SQL injections and how can i prevent them?
greetings stratos
|
|
|
22/11/2004 14:11:42
|
amber222
Graduate
Joined: 07/05/2004 21:13:07
Messages: 586
Offline
|
I just bumped the post with Carbonize's fix for version 2.2. If you are using this version, apply the fix or, better yet, upgrade to version 2.3.1.
|
|
|
|
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login
![[Up]](/forum/templates/html/images/icon_up.gif){kind=icon}