Language Attack

When I want to edit anything on Manage Languages, I'm getting errors and bug reports and attack reports sent to my email.

Here is the proof:

Total impact: 6
Affected tags: xss, csrf, id

Variable: REQUEST.string_for_1 | Value: <div class=\"dbContentHtml\"><p> MySite is a social utility that connects people with friends and others who work, study and live around them. People use MySite to keep up with friends. Are you?.</p></div>


<div class=\"dbContentHtml\"><p><center><a target=\"_blank\" href=\"http://mysite.com/modules/?r=facebook_connect/login_form\">
<img src=\"http://mysite.com/images/connect_light_medium_long.gif\" width=\"169\" height=\"21\"></a></center></p></div>
Impact: 3 | Tags: xss, csrf, id
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35

Variable: POST.string_for_1 | Value: <div class=\"dbContentHtml\"><p>LatinCrib is a social utility that connects people with friends and others who work, study and live around them. People use MySite to keep up with friends. Are you?.</p></div>


<div class=\"dbContentHtml\"><p><center><a target=\"_blank\" href=\"http://mysite/modules/?r=facebook_connect/login_form\">
<img src=\"http://mysite.com/images/connect_light_medium_long.gif\" width=\"169\" height=\"21\"></a></center></p></div>
Impact: 3 | Tags: xss, csrf, id
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35

REMOTE_ADDR: 93.2X2.XX2.2X0
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
Post Reply - if you going to help - No for - bla bla bla bla
Quote · 29 Oct 2009

I had the same problem, man, but I did take it the hard way and sweated all over how; I had to get the PHP lang file and edit what I wanted, which took me longer, but it did save me getting that stupid possible attack message!

Let's hope the last version is gonna be less hassle, or maybe the perfect messiah everyone is waiting for!

Peace and Bread.

Eli

Proud Hosted by Zarconia.net
Quote · 29 Oct 2009

I don't think the last version is going to work. These people make betas for more bugs, so good luck.

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 29 Oct 2009

Eli - I understand why you are reporting bugs, but why are you trying to fix them?  This beta version is a complete dead end.  There will be no upgrade script and Boonex won't provide any help in moving to the next beta - or RC - whatever they do.

Quote · 29 Oct 2009

Cal, I would try to fix the bugs that I run into and don't see any sort of trac development. That way, when they release an RC I can put in the bug fixes that Boonex failed to cover. I'm not sure what is considered a bug for trac, but there are many issues overlooked. So in the end, if you keep track of your own bug fixes, you can compare that with trac and have a better version than what's released.

Quote · 29 Oct 2009
 
 