OrdaSoft forum
Welcome, Guest
Please Login or Register.    Lost Password?
BookLibrary on Vulnerability List (0 viewing) 

BookLibary Component Support

Go to bottom Favoured: 0

BookLibrary on Vulnerability List

lyndsey (Visitor)
Posts: 0
graphgraph
User Offline
BookLibrary on Vulnerability List 14 Years, 6 Months ago
Karma: 0  
Hi - we have BookLibrary 1.5.3 basic installed on our Joomla 1.5.14 site. I notice BL 1.0 is listed as having high security vulnerabilities on the Joomla Vulnerable Extensions List docs.joomla.org/Vulnerable_Extensions_List is this issue a concern in the version we have on our site?

Thanks - Lyndsey
Logged Logged
The administrator has disabled public write access.
admin (Admin)
Admin
Posts: 8348
graph
User Offline Click here to see the profile of this user
Re:BookLibrary on Vulnerability List 14 Years, 6 Months ago
Karma: 102  
Hi Lyndsey,

In BookLibrary - that fixed very long ago.

Thanks,
OrdaSoft team
Logged Logged
The administrator has disabled public write access.
m100s2 (Visitor)
Posts: 0
graphgraph
User Offline
Re:BookLibrary on Vulnerability List 14 Years, 5 Months ago
Karma: 0  
If that is the case then some would ask why have you not removed any remaining doubts that this issue has been fully addressed and got the listing altered by following the procedure outlined here?

docs.joomla.org/Vulnerable_Extensions_Li...removed_from_the_VEL
Logged Logged
The administrator has disabled public write access.
MyCatsHeaven (Visitor)
Posts: 0
graphgraph
User Offline
Re:BookLibrary on Vulnerability List 14 Years, 5 Months ago
Karma: 0  
I agree... this is a concern as we have experienced problems being hacked. It would be very helpful if BL would consider following the advise to update the information on the Vulnerability List. Thank you, Nancy
Logged Logged
Last Edit: 2010/05/06 14:33 By .
The administrator has disabled public write access.
admin (Admin)
Admin
Posts: 8348
graph
User Offline Click here to see the profile of this user
Re:BookLibrary on Vulnerability List 14 Years, 5 Months ago
Karma: 102  
Hello all
That was very long ago and was fixed. I don't know how(why) that appears in "November 2009 Compiled Vulnerability Reports."

So now every who use BookLibrary can check self file "doc/releasenote.php"
If he will see at top so file not exist code like

Code:

if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );


or like

Code:

if( !defined( '_VALID_MOS' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );


So user must add so code to doc/releasenote.php file top.

JED - asked from me write special update for remove ours component from that report, but for me not clear how I will must do that, because we fix that very long ago.

Thanks,
OrdaSoft team
Logged Logged
The administrator has disabled public write access.
admin (Admin)
Admin
Posts: 8348
graph
User Offline Click here to see the profile of this user
Re:BookLibrary on Vulnerability List 14 Years, 5 Months ago
Karma: 102  
Hello all,

JED updated "Vulnerability Reports" for BookLibrary

Thank you for all,
OrdaSoft team
Logged Logged
The administrator has disabled public write access.
Go to top
»