[UPGRADE AVAIL.] PollXT component

For all Non-Joomla! security issues. ie 3pd Components etc.

Moderator: General Support Moderators

User avatar
Elpie
Joomla! Guru
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm
Contact:

[UPGRADE AVAIL.] PollXT component

Postby Elpie » Tue Jul 18, 2006 11:45 am

Another one bites the dust :(

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');
Last edited by RobS on Wed Jul 19, 2006 4:46 am, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

JimLouis
Joomla! Apprentice
Joomla! Apprentice
Posts: 19
Joined: Fri Jan 13, 2006 5:33 pm

Re: PollXT component

Postby JimLouis » Tue Jul 18, 2006 3:20 pm

I am confused I do not have the file they are talking about.

components/com_pollxt/conf.pollxt.php

What version has this file?

I am running 1.22.01

User avatar
Elpie
Joomla! Guru
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm
Contact:

Re: PollXT component

Postby Elpie » Wed Jul 19, 2006 1:30 am

Elpie wrote:The vulnerability has been reported in version 1.22.07. Other versions may also be affected.


Umm... as I said, it was reported in 1.22.07 ;)

You should check all files to ensure they do not allow direct access.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

old blue
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Sun May 07, 2006 11:48 am

Re: PollXT component

Postby old blue » Wed Jul 19, 2006 3:25 am

There is a new version out for the security fix (1.22.08 ) - either do it manually or via on-line updater

http://www.joomlaxt.com/

User avatar
fabs
Joomla! Explorer
Joomla! Explorer
Posts: 432
Joined: Mon Apr 03, 2006 4:04 pm
Location: Germany
Contact:

Re: [UPGRADE AVAIL.] PollXT component

Postby fabs » Thu Jan 11, 2007 10:38 pm

joomlaxt website has been hacked again just now. was pollxt the problem again?
Please visit my personal website and leave many traces ;)
http://www.ffaabbiiaann.de
If you need webdesign services I can help you out:
http://www.webdesign2punkt0.de

micke_nkpg
I've been banned!
Posts: 661
Joined: Tue Sep 26, 2006 9:50 am
Location: Norrköping / Stockholm
Contact:

Re: [UPGRADE AVAIL.] PollXT component

Postby micke_nkpg » Fri Mar 09, 2007 10:21 am

Where can i find PollXT? for download.

sewen12
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Tue Sep 26, 2006 7:06 pm

PollXT

Postby sewen12 » Tue Mar 13, 2007 7:35 pm

I found PollXT on http://www.mamboserver.com | Projects.  But, the files are old.  Is there another place for the upgrade.

karryberry
I've been banned!
Posts: 21
Joined: Wed Dec 19, 2007 10:36 pm

Re: [UPGRADE AVAIL.] PollXT component

Postby karryberry » Thu Dec 20, 2007 4:49 pm

Elpie wrote:Another one bites the dust :(

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');




eyes like a hawk, well done
smile


Return to “3rd Party/Non Joomla! Security Issues”

Who is online

Users browsing this forum: No registered users and 4 guests