Home > News > Security news

Security news

RSS feed
Search:
Showing 1 - 6 of 6
Sort by:

XOOPS Cube Legacy 2.1.8a Released!

0
Vote!
minahito
minahito submitted 2010/11/14 0:15, published 2010/11/14 0:15 | 49687 views
Tags: ,

XOOPS Cube Legacy 2.1.8a released. This is security fix version for SQL injection. You have to update your XCL 2.1.8 site to 2.1.8a. We have released the patch file including only diff files that is easy to update your site.

See release log and download the patch.

http://sourceforge.net/apps/mediawiki/xoopscube/index.php?title=Release_Logs:XOOPS_Cube_Legacy_2.1.8a

Comments (1) Trackbacks (0) Votes (0)
SourceForge.net: News: Package_Legacy 2.1.6a Release!(Security Fix)

XOOPS Cube Legacy 2.1.6a (security release) Released!

3
Vote!
minahito
minahito submitted 2009/4/2 12:00, published 2009/4/2 12:00 | 26300 views
Tags:
http%3A%2F%2Fsourceforge.net%2Fforum%2Fforum.php%3Fforum_id%3D936884

The project released XOOPS Cube Legacy 2.1.6a that is security release for XCL 2.1.6 or less. You can download full-package 2.1.6a, diff package from 2.1.6 to 2.1.6a and patch package for 2.1.5 or less.

This XSS security hole is level 2 of our security range in seriousness. The project recommends that you update as early as possible. more...

Comments (0) Trackbacks (0) Votes (3)
http://xoops.hypweb.net/modules/forum/index.php?topic_id=2190

[Important] xpWiki Ver 3.37 previously SQL Injection vulnerability found

5
Vote!
nao-pon
nao-pon submitted 2007/11/27 12:07, published 2007/11/30 15:26 | 30359 views
Tags: ,
http%3A%2F%2Fxoops.hypweb.net%2Fmodules%2Fforum%2Findex.php%3Ftopic_id%3D2190

Hello ..everybody...

The weakness of SQL injection was discovered to be before Version 3.37 when maintaining it.

It immediately corrected with Ver. 3.38, and the version improves as soon as possible since Ver. 3.38 or make it to the access inhibit excluding the group that can put trust, please when you use a pertinent version.

Please continue your favors toward prompt correspondence before this weakness is misused
though time will be spent. more...

Comments (2) Trackbacks (0) Votes (5)

PopnupBlog XOOPS Module RFI Vulnerability

4
Vote!
yoshis
yoshis submitted 2007/8/31 12:25, published 2007/8/31 12:10 | 22573 views
Tags:

PopnupBlog (XOOPS Module) Remote File Inclusion Vulnerability.
Reported at http://13337.org/forum/viewtopic.php?p=799 more...

Comments (0) Trackbacks (0) Votes (4)

Command injection of phpmailer in XOOPS - PEAK XOOPS

2
Vote!
minahito
minahito submitted 2007/6/13 15:53, published 2007/6/13 15:50 | 19203 views
Tags:

phpmailer library has a fatal security hole. If you change the mail mode from 'php mail()' to 'sendmail', your site may be attacked. Change the setting.

GIJOE explains a part of this alert about XOOPS. I get it in his site.

The next stable version will include the fix. more...

Comments (0) Trackbacks (0) Votes (2)

Xoops Local File Inclusion Vulnerabilities and Patch

2
Vote!
minahito
minahito submitted 2006/5/24 16:30, published 2006/5/24 22:40 | 18876 views
Tags:

Security Advisory about XOOPS 2.0.14 JP was reported. If the register_globals option of your server is on, local files in server may be read. more...

Comments (0) Trackbacks (0) Votes (2)

    Welcome | News | Overview | Documentation | Forum | Tutorialstop
    Brasilian | French | German | Greek | Japanese | Korean | Russian | T-Chinese
    Powered by XOOPS Cube © 2001-2011 The XOOPS Cube Project