In reply to A very serious security issue in version 6.0
dddd
dddd7th of June 2008to gameutopia
 
I think Boonex guys should honestly admit this. This code is obviously reading a file with admin login and pwd from their Boonex site and inserting it into your admin table. As you all know, an admin can do whatever he wants.

I think their solution was not that smart, because they left one line sql visible which inserts into admin table. Actually it is possible to do it in much smarter ways which are much more difficult to detect and claim.

I don't know how it is in the latest versions. I see more have no time to check newer versions, but if I find anything I am planning to post the details in my Dolphin blog

http://english.youshare.jp/blogs.php?action=show_member_blog&ownerID=15&category=32&cPath=32&blogID=7
PermalinkReplyPlus0 pluses
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Custom Jobs
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd
SSL
© BoonEx
Home
Features
Pricing
Support
Hosting
About
Demo
PET:0.45830512046814