If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Security Issues  XML
Forum Index » Support Forum
Author Message
edfel
Beginner

Joined: 27/04/2002 18:24:50
Messages: 9
Location: Cayey, Puerto Rico
Offline

Hi:

Could someone tell IF these security issues are still present on AP:
http://www.auditmypc.com/network-security/network-security-582006.asp

This is very important, IMO.

Later

:roll: :? :cry:
[Email]
edfel
Beginner

Joined: 27/04/2002 18:24:50
Messages: 9
Location: Cayey, Puerto Rico
Offline

Hi:

It appears the security problem is related with magic_quotes_gpc.

If magic_quotes_gpc is disabled, a remote attacker could send specially-crafted SQL statements to the include/class_poll.php script using the User-Agent header value, which could allow the attacker to add, modify, or delete information in the back-end database.


An alternative is to be sure magic_quotes_gpc is ON.

Later

8)
[Email]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Yes they are probably still valid but this is why AP 2.0.5 is in development and available on the downloads page.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum