Nice Calendar.. BUT this one can not use Pictures/Flyer/Logos ... so anyone knows a good one with able to upload flyerFloranett wrote:albi wrote:Thanks alot albi m8, but can this be used with Mambo 4.5.3?Floranett wrote: Is there a new secure version of ExtCalender we can use?
[/quote
http://extensions.joomla.org/component/ ... Itemid,35/
[UPGRADE AVAIL.] ExtCalendar Vulnerability
Moderator: General Support Moderators
Forum rules
-
- Joomla! Apprentice
- Posts: 34
- Joined: Tue May 23, 2006 3:33 pm
Re: ExtCalendar
- nathandiehl
- Joomla! Champion
- Posts: 6044
- Joined: Fri Aug 19, 2005 3:03 pm
- Location: Indiana, USA
- Contact:
Re: ExtCalendar
It might work on a mambo install, but you might seriously consider switching to Joomla!. after the forthcoming 1.5, mambo and Joomla! will continue to become more and more different.Floranett wrote: Thanks alot albi m8, but can this be used with Mambo 4.5.3?
Meaning, although it may work now, if, in six months there is a high-level security issue, the coders will fix it for 1.5 and likely will not worry about the 1.0.x codebase.
I would suggest you either convert to Joomla!, where you can obviously get more and better support, or else use a calendar component which will continue to be supported on mambo.
If you're new to Joomla, Please read Anna's Joomla! Tips: http://forum.joomla.org/viewtopic.php?t=5503
http://nathandiehl.com | Find out what makes me tick
http://nathandiehl.com | Find out what makes me tick
-
- Joomla! Enthusiast
- Posts: 160
- Joined: Sun Mar 12, 2006 7:11 pm
Re: ExtCalendar
Thank for the tip @nathandiehl , and I've seriously thinking about it. BUT...my site is BIG with a lot of components and modules ++ ..so Im a bit afraid not everything will work ok if I made the switch to Joomlanathandiehl wrote:It might work on a mambo install, but you might seriously consider switching to Joomla!. after the forthcoming 1.5, mambo and Joomla! will continue to become more and more different.Floranett wrote: Thanks alot albi m8, but can this be used with Mambo 4.5.3?
Meaning, although it may work now, if, in six months there is a high-level security issue, the coders will fix it for 1.5 and likely will not worry about the 1.0.x codebase.
I would suggest you either convert to Joomla!, where you can obviously get more and better support, or else use a calendar component which will continue to be supported on mambo.
Can you have a look @nathandiehl and pm me what you think?
I'll pm you my website url.
-
- Joomla! Intern
- Posts: 90
- Joined: Wed Sep 28, 2005 12:52 am
- Location: New York, USA
Re: ExtCalendar
Read RobS' suggestion above in this discussion thread:n0fear2 wrote: // no direct access
defined( '_VALID_MOS' ) or die( 'Restricted access' );
insert this in extcal.php as far as i read this fiexes the problem? RIGHT?
http://forum.joomla.org/index.php/topic ... #msg390097
You need to add those lines to every file of the extcal component. That is a minimum fix, there still may be other problems found.
-
- Joomla! Apprentice
- Posts: 18
- Joined: Sat Jun 24, 2006 12:18 am
Re: ExtCalendar
I'm fairly new to Joomla and have several questions I'm hoping someone can answer to help clarify this situation.
The first issue, is as a stop-gap measure how to prevent the extCalendar from being exploited.
2) What is the best way to temporarily disable extCalendar until it becomes clearer whether a security update will be released or we need to change to a new calendar component?
3) As someone else asked, in what file is the "Powered by extCalendar" text. If that's what hackers are searching for it could help to remove that text.
The next issue is where do we go from here...
4) Is there a process for continuing the development of a component that is no longer being actively worked on by the original developer? Can/will someone else take over the development of this component?
5) What alternative calendar components are available? I've seen eventCal mentioned 1.5 mentioned, but consider it was only released today I'm concerned that it has not been put through its paces and could be buggy or even have security holes itself.
The first issue, is as a stop-gap measure how to prevent the extCalendar from being exploited.
1) Does this plug the hole and allow you to continue using extCalendar or does it suspend access to the extCalendar?danialt wrote: Put the
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');
on the top of extcalendar.php..
2) What is the best way to temporarily disable extCalendar until it becomes clearer whether a security update will be released or we need to change to a new calendar component?
3) As someone else asked, in what file is the "Powered by extCalendar" text. If that's what hackers are searching for it could help to remove that text.
The next issue is where do we go from here...
4) Is there a process for continuing the development of a component that is no longer being actively worked on by the original developer? Can/will someone else take over the development of this component?
5) What alternative calendar components are available? I've seen eventCal mentioned 1.5 mentioned, but consider it was only released today I'm concerned that it has not been put through its paces and could be buggy or even have security holes itself.
Last edited by pdstein on Tue Jul 11, 2006 2:23 pm, edited 1 time in total.
-
- Joomla! Apprentice
- Posts: 45
- Joined: Thu May 11, 2006 10:34 pm
Re: ExtCalendar
config.php has the statement in the script. I am changing other files now.RobS wrote: There is a com_events and another calender that I have heard will be released tomorrow so stay tuned to the Extensions page and check that out.
Thanks.
- nathandiehl
- Joomla! Champion
- Posts: 6044
- Joined: Fri Aug 19, 2005 3:03 pm
- Location: Indiana, USA
- Contact:
Re: ExtCalendar
1. There is no guarantee this is the only hole. It might work. It might not. Development stopped on extCal2 a few years ago.pdstein wrote: I'm fairly new to Joomla and have several questions I'm hoping someone can answer to help clarify this situation.
The first issue, is as a stop-gap measure how to prevent the extCalendar from being exploited.
1) Does this plug the hole and allow you to continue using extCalendar or does it suspend access to the extCalendar?danialt wrote: Put the
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');
on the top of extcalendar.php..
2) What is the best way to temporarily disable extCalendar until it becomes clearer whether a security update will be released or we need to change to a new calendar component?
3) As someone else asked, in what file is the "Powered by extCalendar" text. If that's what hackers are searching for it could help to remove that text.
The next issue is where do we go from here...
4) Is there a process for continuing the development of a component that is no longer being actively worked on by the original developer? Can/will someone else take over the development of this component?
5) What alternative calendar components are available? I've seen eventCal mentioned 1.5 mentioned, but consider it was only released today I'm concerned that it has not been put through its paces and could be buggy or even have security holes itself.
2. There will be no security update from the developer. It has not been developed for years, and it is unreasonable to assume an official fix will be issued. (although i give a 0.05% chance we could see a fix)
3. ahhh..do a search on your local computer for the text in a file. i don't know off hand. but this isn't a very good 'anti-hacking' scheme. pretty easy to get around.
4. haven't heard of any development in several years. You are welcome to further develop the component and release an update.
5. extensions site is here: http://extensions.joomla.org search for calendars.
If you're new to Joomla, Please read Anna's Joomla! Tips: http://forum.joomla.org/viewtopic.php?t=5503
http://nathandiehl.com | Find out what makes me tick
http://nathandiehl.com | Find out what makes me tick
-
- Joomla! Apprentice
- Posts: 11
- Joined: Mon Nov 21, 2005 8:50 pm
Re: ExtCalendar
I too was hit by this hack on Saturday evening, but thank goodness for BigApe
I wondered about what steps I need to take to protect my site. Is it enough to disable the ExCal modules, do I need to rename the folder they are in, or should I just uninstall the component completely?
Thanks for your advice.
DP
I wondered about what steps I need to take to protect my site. Is it enough to disable the ExCal modules, do I need to rename the folder they are in, or should I just uninstall the component completely?
Thanks for your advice.
DP
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: ExtCalendar
I would suggest you uninstall completely.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- norman
- Joomla! Enthusiast
- Posts: 107
- Joined: Thu Aug 18, 2005 2:25 pm
- Location: us
- Contact:
Re: ExtCalendar
I have tried the repair suggested in this forum, but the only thing holding this hack at bay are my php.ini disallow settings and my security settings in httpd.conf.
too bad no one is working on this component as it really is the best of its kind.
How can I get more information about what this exploit is trying to do? I have a copy of the one that is trying to crack my sites.
too bad no one is working on this component as it really is the best of its kind.
How can I get more information about what this exploit is trying to do? I have a copy of the one that is trying to crack my sites.
"The journey is the destination"
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Nov 30, 2005 3:42 pm
Re: ExtCalendar
Is it normal to still have install.extcalendar.php in the com_extcalendar folder ?
I deleted it.
No effect on the calendar which seems to run fine without it.
I was always told all install files should be deleted.
Am I wrong ?
I deleted it.
No effect on the calendar which seems to run fine without it.
I was always told all install files should be deleted.
Am I wrong ?
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: ExtCalendar
From what I remember they were only supposed to be run during the installation process. If the component's xml file were misconfigured it could cause it to be installed like a regular file and therefore stick around after the installation process ended.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
-
- Joomla! Fledgling
- Posts: 2
- Joined: Fri Sep 16, 2005 10:43 am
Re: ExtCalendar
http://www.frsirt.com/english/reference/15352
I've tried the xploit on my local server and it really works: the .txt file passed in the url is opened in the browser...
I added the two rows:
/** ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
and the exploit do not work again
Is it possible that it is the only patch?
I've searched for the string "global $mosConfig_absolute_path;" and i've founded it only in com_extcalendar/extcalendar.php
Anyone has any idea?
I've tried the xploit on my local server and it really works: the .txt file passed in the url is opened in the browser...
I added the two rows:
/** ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
and the exploit do not work again
Is it possible that it is the only patch?
I've searched for the string "global $mosConfig_absolute_path;" and i've founded it only in com_extcalendar/extcalendar.php
Anyone has any idea?
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: ExtCalendar
Yes, this is one of the ways to fix it, for now. We are not sure if that will solve all of the problems related to that script though. Also, make sure that you add that code to all of the files that extCalendar installed in components/com_extcalendar/ and administrator/components/com_extCalendar/. I must advise that you try to migrate to another Calendar component as extCalendar has not been developed for a long time and could easily have more security issues.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
-
- Joomla! Fledgling
- Posts: 2
- Joined: Fri Sep 16, 2005 10:43 am
Re: ExtCalendar
I've seen that in the file cal_popup.php of extcalendar component there are these code lines:
/** Set flag that this is a parent file */
define( '_VALID_MOS', 1 );
why???
/** Set flag that this is a parent file */
define( '_VALID_MOS', 1 );
why???
-
- Joomla! Explorer
- Posts: 469
- Joined: Thu Aug 18, 2005 10:40 pm
- Location: las vegas USA
- Contact:
Re: ExtCalendar
Maturity: Alphaalbi wrote:http://extensions.joomla.org/component/ ... Itemid,35/Floranett wrote: Is there a new secure version of ExtCalender we can use?
yeah, but eventcal is alfa version yet. that might mess up joomla very easy
installing any alfa 3P componants is not a good idea in my opinion
joomla 1.6 Türk destek sitesi http://www.joomlaturk.net/
-
- Joomla! Enthusiast
- Posts: 160
- Joined: Sun Mar 12, 2006 7:11 pm
Re: ExtCalendar
Tried it and wount work with Mombo 4.5.3.mamboturk wrote:Maturity: Alphaalbi wrote:http://extensions.joomla.org/component/ ... Itemid,35/Floranett wrote: Is there a new secure version of ExtCalender we can use?
yeah, but eventcal is alfa version yet. that might mess up joomla very easy
installing any alfa 3P componants is not a good idea in my opinion
Also been in contact with the author Kay through email telling me there probably be another version soon
- PhilTaylor-Prazgod
- Joomla! Ace
- Posts: 1402
- Joined: Sat Aug 20, 2005 12:32 pm
- Location: Jersey, Channel Islands
- Contact:
Re: ExtCalendar
Thanks to Greg, inthe team here at Blue Flame IT Ltd, for his hard work this week where we have de-hacked over 20 websites for customers globally.
See his recent post on the Latest news of http://www.phil-taylor.com/
See his recent post on the Latest news of http://www.phil-taylor.com/
A number of sites have been hacked due to a security vulnerability in extcalendar. There are a couple of issues which need to be considered in relation to this. Firstly all Joomla php files (other than the index.php files) should contain a line which prevents direct access to the file froma web browser. This line does the trick:
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
This should be the first line of php code in the file.
Secondly if php is configured with allow_url_fopen set to “On” then the php code will be potentially able to open files on other servers, so the programmer must be very careful not to allow global variables in include/require statements.
A patched version of extcalendar.php is available to download (Link on the blog at http://blog.phil-taylor.com/ )
More information on register_globals. (Link on the blog at http://blog.phil-taylor.com/ )
Phil Taylor
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/
- mediaguru
- Joomla! Enthusiast
- Posts: 142
- Joined: Mon Sep 19, 2005 3:56 am
- Location: USA
- Contact:
Re: ExtCalendar
I had a client's site get hacked. Fixed it and they hacked it again. So I've removed extcal since it wasn't used on this site much anyway. We'll see if that solves it.
-
- Joomla! Intern
- Posts: 50
- Joined: Sun Nov 20, 2005 9:05 pm
Re: ExtCalendar
I found it in the language file for extCalendar. There is a 'Powered by %S' defined as the signature. I blanked it out for now, but since the search engines cache pages of your site, it is not the best fix.danialt wrote: 3) As someone else asked, in what file is the "Powered by extCalendar" text. If that's what hackers are searching for it could help to remove that text.
- brian
- Joomla! Master
- Posts: 12785
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: ExtCalendar
its the url they are searching for eg com_extcal....
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Apprentice
- Posts: 18
- Joined: Sat Jun 24, 2006 12:18 am
Re: ExtCalendar
Thanks for posting this patch. You said, "all Joomla php files (other than the index.php files) should contain a line which prevents direct access to the file from web browser." and yet the patch you've posted only adds that line to extcalendar.php. So, does that line need to be added to all php files for the extCalendar component to patch the security vulnerability? Or are you saying that best practice is to add that line to all php files, but in this case you really only need to update extcalendar.php?PhilTaylor-Prazgod wrote: Thanks to Greg, inthe team here at Blue Flame IT Ltd, for his hard work this week where we have de-hacked over 20 websites for customers globally.
See his recent post on the Latest news of http://www.phil-taylor.com/
A number of sites have been hacked due to a security vulnerability in extcalendar. There are a couple of issues which need to be considered in relation to this. Firstly all Joomla php files (other than the index.php files) should contain a line which prevents direct access to the file froma web browser. This line does the trick:
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
This should be the first line of php code in the file.
Secondly if php is configured with allow_url_fopen set to “On” then the php code will be potentially able to open files on other servers, so the programmer must be very careful not to allow global variables in include/require statements.
A patched version of extcalendar.php is available to download (Link on the blog at http://blog.phil-taylor.com/ )
More information on register_globals. (Link on the blog at http://blog.phil-taylor.com/ )
- svenl
- Joomla! Ace
- Posts: 1032
- Joined: Mon Oct 17, 2005 1:50 pm
- Location: Närke, Sweden
- Contact:
Re: ExtCalendar
I really like this calendar component and it's mini calendar with daily pictures.
I hope that someone can take care of the component and plugins and do an update to 1.5 standard and take away the security risk in it.
This was the first time I get hacked and it took me 2-3 hours to restore everything and do the updates in the ExCals php-files.
This time it seems that the hackers didn't destroy anything or put something own on the webplace, but next time??
/Sven
I hope that someone can take care of the component and plugins and do an update to 1.5 standard and take away the security risk in it.
This was the first time I get hacked and it took me 2-3 hours to restore everything and do the updates in the ExCals php-files.
This time it seems that the hackers didn't destroy anything or put something own on the webplace, but next time??
/Sven
-
Sanningen finns där ute, har du sökt efter ditt svar?
var svaret bra och löste ditt problem? Glöm då inte att ändra ditt första inlägg till löst (Solved)
Sanningen finns där ute, har du sökt efter ditt svar?
var svaret bra och löste ditt problem? Glöm då inte att ändra ditt första inlägg till löst (Solved)
- Joomlamahesh
- Joomla! Apprentice
- Posts: 34
- Joined: Mon Nov 28, 2005 5:00 pm
- Location: Mumbai, India
- Contact:
Re: ExtCalendar
I also liked the component very much, but after going through varous security issues posted on this forum, a have uninstalled it and deleted all the folders relevant to it.
Even though I had applies all patches in the abovementioned discussion, made RG=off, written .htaccess file as per posts mentioned in other thread, I decided to delete the component for following reasons
1) Nobody is sure whether
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
is the only problem.
2) There is no active development of this very beautiful component.
3) I don't want to get hacked again, and possibly this is the only vulnerable component I am using on my site. For other componets, either they are safe or there is no active discussion on their vulnerability.
Even though I had applies all patches in the abovementioned discussion, made RG=off, written .htaccess file as per posts mentioned in other thread, I decided to delete the component for following reasons
1) Nobody is sure whether
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
is the only problem.
2) There is no active development of this very beautiful component.
3) I don't want to get hacked again, and possibly this is the only vulnerable component I am using on my site. For other componets, either they are safe or there is no active discussion on their vulnerability.
A man is not finished when he is defeated,
He is finished when he quits
He is finished when he quits
- Gregorius
- Joomla! Apprentice
- Posts: 34
- Joined: Sun Aug 21, 2005 4:34 am
- Location: Melbourne, Australia
- Contact:
Re: ExtCalendar
I have not yet implemented extCalendar, but I plan to on the new version of my site which i'm working on now. I have been looking for a calendar component for my site for ages, that can do everything i need, and this is THE ONLY ONE that does it elegantly.
Therefore, I really really really still want to use it. I do hope somebody can patch it.. either way I will be using it anyway... a more pressing concern for me than the security concerns (i'm sure there will be a fix for it eventually) is the fact that there is no active development, and it therefore may not work for Joomla 1.5... that is the most dissappointing thing for me.
Anyway, thats my 2c worth... i'll be watching this forum to see what becomes of this whole saga.
thanks for all the info guys
greg
Therefore, I really really really still want to use it. I do hope somebody can patch it.. either way I will be using it anyway... a more pressing concern for me than the security concerns (i'm sure there will be a fix for it eventually) is the fact that there is no active development, and it therefore may not work for Joomla 1.5... that is the most dissappointing thing for me.
Anyway, thats my 2c worth... i'll be watching this forum to see what becomes of this whole saga.
thanks for all the info guys
greg
DoofCentral - Your Psychedelic Universe
http://www.doofcentral.com
- Trying to upgrade to Joomla, but that brick wall is starting to win the battle.
http://www.doofcentral.com
- Trying to upgrade to Joomla, but that brick wall is starting to win the battle.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Jul 13, 2006 11:27 am
Re: ExtCalendar
I just registered to post these two links. The vuneralibility talked about here has been known since April at http://forums.maroctour.com/index.php?a ... lm=default in the extcal forums. http://forums.maroctour.com/index.php?a ... lm=default claims to have notified the Joomla Devs back on June 1st of this problem also. The first offers a possible solution, but according to the second's description of the problem, it might not be complete.
-
- Joomla! Explorer
- Posts: 251
- Joined: Mon Sep 05, 2005 3:50 pm
Re: ExtCalendar
Several of us are working on a patched version of Extcalendar. I hope we can have a release today or tomorrow.
Anyone interested in helping test this before releasing, please PM me.
If anyone else has started working on a patched ExtCalendar, please PM me as well and we can combine our efforts.
david
Anyone interested in helping test this before releasing, please PM me.
If anyone else has started working on a patched ExtCalendar, please PM me as well and we can combine our efforts.
david
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
Re: ExtCalendar
Further to what David has said, please read this post: http://forum.joomla.org/index.php/topic ... #msg394539
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info
- zuze
- Joomla! Explorer
- Posts: 290
- Joined: Sat Feb 11, 2006 9:43 pm
- Location: Birmingham, USA
- Contact:
Re: ExtCalendar
I really like the extCalendar as well, and do not want to give it up easily
If to go to all the trouble to rename folder names, like com_extcalendar to something else, like com_bigbadwoolf, and all the references in the component and module files, that should make the renamed calendar invisible to any future automated attacks?
Also, I just tested the script that I got hacked with against the identical Joomla site I have (one that I do not use anymore) by applying the script, and it gave me the same hack even with the
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
inserted.
See this post for info and look at the proof of concept: http://www.securityfocus.com/archive/1/439451
What does the "sanitize variabel $mosConfig_absolute_path in extcalendar.php" mean?
Check this post for the extcalendar
If to go to all the trouble to rename folder names, like com_extcalendar to something else, like com_bigbadwoolf, and all the references in the component and module files, that should make the renamed calendar invisible to any future automated attacks?
Also, I just tested the script that I got hacked with against the identical Joomla site I have (one that I do not use anymore) by applying the script, and it gave me the same hack even with the
defined( ‘_VALID_MOS’ ) or die( ‘Restricted access’ );
inserted.
See this post for info and look at the proof of concept: http://www.securityfocus.com/archive/1/439451
What does the "sanitize variabel $mosConfig_absolute_path in extcalendar.php" mean?
Check this post for the extcalendar
Last edited by zuze on Thu Jul 13, 2006 8:03 pm, edited 1 time in total.
The key to your life is how well you deal with plan "B".
Latvian Project http://joomlacode.org/gf/project/joomla_latvian/ | http://www.joomlalv.org
Latvian Project http://joomlacode.org/gf/project/joomla_latvian/ | http://www.joomlalv.org
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
Re: ExtCalendar
That vulnerability has already been fixed in the upgrade that we should have out soon.
We are in the final testing stages now.
We are in the final testing stages now.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info