Home > News > Security news

Security news

RSS feed
Showing 1 - 6 of 6
Sort by:

XOOPS Cube Legacy 2.1.8a Released!

minahito submitted 2010/11/14 0:15, published 2010/11/14 0:15 | 58051 views
Tags: ,

XOOPS Cube Legacy 2.1.8a released. This is security fix version for SQL injection. You have to update your XCL 2.1.8 site to 2.1.8a. We have released the patch file including only diff files that is easy to update your site.

See release log and download the patch.


XOOPS Cube Legacy 2.1.6a (security release) Released!

minahito submitted 2009/4/2 12:00, published 2009/4/2 12:00 | 30129 views

The project released XOOPS Cube Legacy 2.1.6a that is security release for XCL 2.1.6 or less. You can download full-package 2.1.6a, diff package from 2.1.6 to 2.1.6a and patch package for 2.1.5 or less.

This XSS security hole is level 2 of our security range in seriousness. The project recommends that you update as early as possible. more...

[Important] xpWiki Ver 3.37 previously SQL Injection vulnerability found

nao-pon submitted 2007/11/27 12:07, published 2007/11/30 15:26 | 34238 views
Tags: ,

Hello ..everybody...

The weakness of SQL injection was discovered to be before Version 3.37 when maintaining it.

It immediately corrected with Ver. 3.38, and the version improves as soon as possible since Ver. 3.38 or make it to the access inhibit excluding the group that can put trust, please when you use a pertinent version.

Please continue your favors toward prompt correspondence before this weakness is misused
though time will be spent. more...

PopnupBlog XOOPS Module RFI Vulnerability

yoshis submitted 2007/8/31 12:25, published 2007/8/31 12:10 | 25158 views

PopnupBlog (XOOPS Module) Remote File Inclusion Vulnerability.
Reported at http://13337.org/forum/viewtopic.php?p=799 more...

Command injection of phpmailer in XOOPS - PEAK XOOPS

minahito submitted 2007/6/13 15:53, published 2007/6/13 15:50 | 21623 views

phpmailer library has a fatal security hole. If you change the mail mode from 'php mail()' to 'sendmail', your site may be attacked. Change the setting.

GIJOE explains a part of this alert about XOOPS. I get it in his site.

The next stable version will include the fix. more...

Xoops Local File Inclusion Vulnerabilities and Patch

minahito submitted 2006/5/24 16:30, published 2006/5/24 22:40 | 21577 views

Security Advisory about XOOPS 2.0.14 JP was reported. If the register_globals option of your server is on, local files in server may be read. more...

    Welcome | News | Overview | Documentation | Forum | Tutorialstop
    Brasilian | French | German | Greek | Japanese | Korean | Russian | T-Chinese
    Powered by XOOPS Cube 2001-2011 The XOOPS Cube Project