spacer.png, 0 kB
Our new screenshot tour is done. (well, almost) Take a look here if you're new to Taskhopper.
 
Home
About You
Overview
Features
Benefits
What do you get?
Getting started
Support
Get Updates!
Screenshots
Download
About Us *
Feedback...
History
Forum
FAQs
spacer.png, 0 kB 		spacer.png, 0 kB

Task Hopper Forum

homepost replythreaded viewhelp
 
Forum List Task Hopper Forum Bugs
avatar kase
Admin 		 
RFI Vulnerabilities - 2007/04/13 13:44
Someone posted an PHP exploit on 10-April via www.milw0rm.com, which was titled "Joomla/Mambo Component Taskhopper 1.1 RFI Vulnerabilities" We have found no intrusions to any of the sites we manage, however traffic to any site that has "com_thopper" in Google likely received a spike on the 10th and 11th.

We have asked the author of this post to explain why he directed this at Taskhopper, because it was unrelated to a security issue with TH.
The administrator has disabled public write access.

avatar kase
Admin 		 
Re:RFI Vulnerabilities - 2007/04/16 11:58
We have updated the 7 files in the /inc directory to include the "No mos or die" -- if you want to patch your system edit these files

/com_thopper/inc/contact_type.php
/com_thopper/inc/itemstatus_type.php
/com_thopper/inc/projectstatus_type.php
/com_thopper/inc/request_type.php
/com_thopper/inc/responses_type.php
/com_thopper/inc/timelog_type.php
/com_thopper/inc/urgency_type.php

to include

defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
The administrator has disabled public write access.

Forum List Task Hopper Forum Bugs
Joomlaboard Forum Component 1.1.6-svn
Two Shoes M-Factory
spacer.png, 0 kB

Products We Like


spacer.png, 0 kB
spacer.png, 0 kB
spacer.png, 0 kB
spacer.png, 0 kB