Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
Advance Guestbook hacking from the browser name  XML
Forum Index » Advanced Guestbook Forum
Author Message
[Post New]29/07/2005 17:27:55
    Subject: Advance Guestbook hacking from the browser name
[Up]
Capone
Newbie

Joined: 29/06/2005 14:35:17
Messages: 4
Offline
Hi, my advance guestbook has been hacked again, now the hacker change his browser name for this code "><iframe src="http://tus.jovencitasx.com/hacked/"> and the guestbook show a single message and big frame.

Can someone helpme?

Regars
Capone
[Post New]29/07/2005 23:28:43
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
This is why you should update to 2.3.3
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]30/07/2005 16:16:10
    Subject:
[Up]
BassX
Beginner

Joined: 21/06/2005 18:14:41
Messages: 5
Offline
Go into the Admin Section of your Guestbook and delete that post. Then, as Carbonize pointed out, update to 2.3.3
[Post New]30/07/2005 16:29:54
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
I had the same moron try it on my guestbook at the same time and I'm not even using Advanced Guestbook which proves what a moron they are. You don't really have to update to 2.3.3 as patchng the exploit is simple.

Open lib/add.class.php and find

or it may be


replace it with
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum