Date: Wed, 03 Mar 2004 17:55:29 +0100 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: Simon Barner <barner@in.tum.de> Cc: rfa@msumain.edu.ph Subject: Re: phpnuke forbidden, how to install? Message-ID: <40460E01.5030500@fillmore-labs.com> In-Reply-To: <20040303164132.GC427@zi025.glhnet.mhn.de> References: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph> <40460606.6000805@fillmore-labs.com> <20040303164132.GC427@zi025.glhnet.mhn.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Simon Barner wrote: > Oliver Eikemeier wrote: > >>rfa@msumain.edu.ph wrote: >> >>>i wanted to install phpnuke for content but after cvsuping i found out that >>> >>>===> phpnuke-6.9 is forbidden: SQL injection vulnerability in Php-Nuke <= >>>7.1.0. >>> >>>and i checked the phpnuke website, they have a patched version of phpnuke. >> >>Where did you find that? I can't even find a security link. > > He probably refers to the following two fixes from 2003 (from which I > produced my bad patch :(( > > http://www.phpnuke.org/modules.php?name=Downloads&d_op=search&query=security > > Security Fixes for PHP-Nuke 6.0 (1+2). What's really spooky about pkpnuke is that they don't even release advisories. It seems like they even delete threads which deal with hacked versions.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40460E01.5030500>