[UPGRADE AVAIL.] PollXT component
Moderator: General Support Moderators
Forum rules
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
[UPGRADE AVAIL.] PollXT component
Another one bites the dust
Successful exploitation requires that "register_globals" is enabled.
The vulnerability has been reported in version 1.22.07. Other versions may also be affected.
http://secunia.com/advisories/21068/
Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');
Successful exploitation requires that "register_globals" is enabled.
The vulnerability has been reported in version 1.22.07. Other versions may also be affected.
http://secunia.com/advisories/21068/
Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');
Last edited by RobS on Wed Jul 19, 2006 4:46 am, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info
-
- Joomla! Apprentice
- Posts: 23
- Joined: Fri Jan 13, 2006 5:33 pm
Re: PollXT component
I am confused I do not have the file they are talking about.
components/com_pollxt/conf.pollxt.php
What version has this file?
I am running 1.22.01
components/com_pollxt/conf.pollxt.php
What version has this file?
I am running 1.22.01
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
Re: PollXT component
Umm... as I said, it was reported in 1.22.07Elpie wrote: The vulnerability has been reported in version 1.22.07. Other versions may also be affected.
You should check all files to ensure they do not allow direct access.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info
-
- Joomla! Apprentice
- Posts: 8
- Joined: Sun May 07, 2006 11:48 am
Re: PollXT component
There is a new version out for the security fix (1.22.08 ) - either do it manually or via on-line updater
http://www.joomlaxt.com/
http://www.joomlaxt.com/
- fabs
- Joomla! Explorer
- Posts: 432
- Joined: Mon Apr 03, 2006 4:04 pm
- Location: Germany
- Contact:
Re: [UPGRADE AVAIL.] PollXT component
joomlaxt website has been hacked again just now. was pollxt the problem again?
Please visit my personal website and leave many traces
http://www.ffaabbiiaann.de
If you need webdesign services I can help you out:
http://www.webdesign2punkt0.de
http://www.ffaabbiiaann.de
If you need webdesign services I can help you out:
http://www.webdesign2punkt0.de
-
- I've been banned!
- Posts: 661
- Joined: Tue Sep 26, 2006 9:50 am
- Location: Norrköping / Stockholm
Re: [UPGRADE AVAIL.] PollXT component
Where can i find PollXT? for download.
-
- Joomla! Apprentice
- Posts: 6
- Joined: Tue Sep 26, 2006 7:06 pm
PollXT
I found PollXT on http://www.mamboserver.com | Projects. But, the files are old. Is there another place for the upgrade.
-
- I've been banned!
- Posts: 21
- Joined: Wed Dec 19, 2007 10:36 pm
Re: [UPGRADE AVAIL.] PollXT component
eyes like a hawk, well doneElpie wrote: Another one bites the dust
Successful exploitation requires that "register_globals" is enabled.
The vulnerability has been reported in version 1.22.07. Other versions may also be affected.
http://secunia.com/advisories/21068/
Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');
smile