[UPGRADE AVAIL.] PollXT component

Moderator: General Support Moderators

Forum rules

Locked

8 posts • Page 1 of 1

Elpie: Joomla! Guru; Posts: 903; Joined: Wed Aug 17, 2005 11:26 pm; Contact:
Contact Elpie

Website

[UPGRADE AVAIL.] PollXT component

Post by Elpie » Tue Jul 18, 2006 11:45 am

Another one bites the dust

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');

Last edited by RobS on Wed Jul 19, 2006 4:46 am, edited 1 time in total.

For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

JimLouis: Joomla! Apprentice; Posts: 23; Joined: Fri Jan 13, 2006 5:33 pm

Re: PollXT component

Post by JimLouis » Tue Jul 18, 2006 3:20 pm

I am confused I do not have the file they are talking about.

components/com_pollxt/conf.pollxt.php

What version has this file?

I am running 1.22.01

Elpie: Joomla! Guru; Posts: 903; Joined: Wed Aug 17, 2005 11:26 pm; Contact:
Contact Elpie

Website

Re: PollXT component

Post by Elpie » Wed Jul 19, 2006 1:30 am

Elpie wrote: The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

Umm... as I said, it was reported in 1.22.07

You should check all files to ensure they do not allow direct access.

For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

old blue: Joomla! Apprentice; Posts: 8; Joined: Sun May 07, 2006 11:48 am

Re: PollXT component

Post by old blue » Wed Jul 19, 2006 3:25 am

There is a new version out for the security fix (1.22.08 ) - either do it manually or via on-line updater

http://www.joomlaxt.com/

fabs: Joomla! Explorer; Posts: 432; Joined: Mon Apr 03, 2006 4:04 pm; Location: Germany; Contact:
Contact fabs

Website

Re: [UPGRADE AVAIL.] PollXT component

Post by fabs » Thu Jan 11, 2007 10:38 pm

joomlaxt website has been hacked again just now. was pollxt the problem again?

Please visit my personal website and leave many traces

http://www.ffaabbiiaann.de
If you need webdesign services I can help you out:
http://www.webdesign2punkt0.de

micke_nkpg: I've been banned!; Posts: 661; Joined: Tue Sep 26, 2006 9:50 am; Location: Norrköping / Stockholm

Re: [UPGRADE AVAIL.] PollXT component

Post by micke_nkpg » Fri Mar 09, 2007 10:21 am

Where can i find PollXT? for download.

sewen12: Joomla! Apprentice; Posts: 6; Joined: Tue Sep 26, 2006 7:06 pm

PollXT

Post by sewen12 » Tue Mar 13, 2007 7:35 pm

I found PollXT on http://www.mamboserver.com | Projects. But, the files are old. Is there another place for the upgrade.

karryberry: I've been banned!; Posts: 21; Joined: Wed Dec 19, 2007 10:36 pm

Re: [UPGRADE AVAIL.] PollXT component

Post by karryberry » Thu Dec 20, 2007 4:49 pm

Elpie wrote: Another one bites the dust

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');

eyes like a hawk, well done

smile

Locked

8 posts • Page 1 of 1

Return to “3rd Party/Non Joomla! Security Issues”