If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Advance Guestbook hacking from the browser name  XML
Forum Index » Advanced Guestbook Forum
Author Message
Capone
Newbie

Joined: 29/06/2005 14:35:17
Messages: 4
Offline

Hi, my advance guestbook has been hacked again, now the hacker change his browser name for this code "><iframe src="http://tus.jovencitasx.com/hacked/"> and the guestbook show a single message and big frame.

Can someone helpme?

Regars

Capone
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

This is why you should update to 2.3.3

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
BassX
Beginner

Joined: 21/06/2005 18:14:41
Messages: 5
Offline

Go into the Admin Section of your Guestbook and delete that post. Then, as Carbonize pointed out, update to 2.3.3
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

I had the same moron try it on my guestbook at the same time and I'm not even using Advanced Guestbook which proves what a moron they are. You don't really have to update to 2.3.3 as patchng the exploit is simple.

Open lib/add.class.php and find

or it may be


replace it with

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum