Web Application Platform (Security news) http://xoopscube.org/modules/Plugg/index.php?category_id=2&keyword=&q=%2Fxigg Recent news entries marked as popular XOOPS Cube Legacy 2.1.8a Released! http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F155 XOOPS Cube Legacy 2.1.8a released. This is security fix version for SQL injection. You have to update your XCL 2.1.8 site to 2.1.8a. We have released the patch file including only diff files that is easy to update your site.See release log and download the patch.http://sourceforge.net/apps/mediawiki/xoopscube/index.php?title=Release_Logs:XOOPS_Cube_Legacy_2.1.8a XOOPS Cube Legacy 2.1.8a released. This is security fix version for SQL injection. You have to update your XCL 2.1.8 site to 2.1.8a. We have released the patch file including only diff files that is easy to update your site.

See release log and download the patch.

http://sourceforge.net/apps/mediawiki/xoopscube/index.php?title=Release_Logs:XOOPS_Cube_Legacy_2.1.8a

]]>
minahito 2010-11-14T00:15+09:00 Security news
XOOPS Cube Legacy 2.1.6a (security release) Released! http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F121 The project released XOOPS Cube Legacy 2.1.6a that is security release for XCL 2.1.6 or less. You can download full-package 2.1.6a, diff package from 2.1.6 to 2.1.6a and patch package for 2.1.5 or less.This XSS security hole is level 2 of our security range in seriousness. The project recommends that you update as early as possible.
This XSS security hole is level 2 of our security range in seriousness. The project recommends that you update as early as possible.

more...

]]>
minahito 2009-04-02T12:00+09:00 Security news
[Important] xpWiki Ver 3.37 previously SQL Injection vulnerability found http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F72 Hello ..everybody... The weakness of SQL injection was discovered to be before Version 3.37 when maintaining it. It immediately corrected with Ver. 3.38, and the version improves as soon as possible since Ver. 3.38 or make it to the access inhibit excluding the group that can put trust, please when you use a pertinent version. Please continue your favors toward prompt correspondence before this weakness is misused though time will be spent.
The weakness of SQL injection was discovered to be before Version 3.37 when maintaining it.

It immediately corrected with Ver. 3.38, and the version improves as soon as possible since Ver. 3.38 or make it to the access inhibit excluding the group that can put trust, please when you use a pertinent version.

Please continue your favors toward prompt correspondence before this weakness is misused
though time will be spent.

more...

]]>
nao-pon 2007-11-30T15:26+09:00 Security news
PopnupBlog XOOPS Module RFI Vulnerability http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F59 PopnupBlog (XOOPS Module) Remote File Inclusion Vulnerability.Reported at http://13337.org/forum/viewtopic.php?p=799 Reported at http://13337.org/forum/viewtopic.php?p=799

more...

]]>
yoshis 2007-08-31T12:10+09:00 Security news
Command injection of phpmailer in XOOPS - PEAK XOOPS http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F54 phpmailer library has a fatal security hole. If you change the mail mode from 'php mail()' to 'sendmail', your site may be attacked. Change the setting.GIJOE explains a part of this alert about XOOPS. I get it in his site. The next stable version will include the fix.
GIJOE explains a part of this alert about XOOPS. I get it in his site.

The next stable version will include the fix.

more...

]]>
minahito 2007-06-13T15:50+09:00 Security news
Xoops Local File Inclusion Vulnerabilities and Patch http://xoopscube.org/modules/Plugg/index.php?q=%2Fxigg%2F15 Security Advisory about XOOPS 2.0.14 JP was reported. If the register_globals option of your server is on, local files in server may be read. more...

]]>
minahito 2006-05-24T22:40+09:00 Security news