Discussion in "Map Me Support" started by    VR6Pete    May 6, 2011.
Fri May 06 2011, 03:18 PM
#1
Hello,

e107 Security has identified a vulnerability with MapMe 1.3!

unsure of the exact issue, but it seems that the plugin has allowed thumbs.php to be uploaded to e107_files.

Coulkd you please take a look and release an updated version to resolve this problem?

Thanks.

Pete

Fri May 06 2011, 07:05 PM
#2
Hi, I have no idea about such vulnerability in the plugin. as i am not dealing in anycase with thumbs.php I am really unsure how this is possible. I would really appreciate if you can help me out if such thing is true. Please PM me whatever inputs you can provide.

I am not getting enough time to work on plugins these days. Can you help me in this regard?

Thanks,
Ajay
Sun May 22 2011, 08:23 PM
#3
I've put extra lOgging on my website so I can see which file and what is being used to exploit your code... There's various topics on e107.org and it was noticed that mapme 1.3 was a known vulnerable plugin...

Thumbs.PHP is uploaded as part of the hack and is a result of the exploit, it also modifies e107.Js that then serves up viruses to users... Not good...

I'd suggest you review your code, and in the mean time I'll see what logs I can get

Cheers

Pete
Tue May 24 2011, 09:09 AM
#4
If there is a work around please let me know via PM.
Tue May 24 2011, 07:44 PM
#5
I have details of the exploit ive found on a russian website, i'll PM the details so you can fix it...

Cheers

Pete
Wed May 25 2011, 12:47 PM
#6
Please provide me links (e107 forum) where you made a post about this fix.
Wed May 25 2011, 01:15 PM
#7
Here you go.

http://e107.org/e107_forum-t220072.html
Wed May 25 2011, 01:17 PM
#8
Wed May 25 2011, 01:17 PM
#9
your forum keeps on messing up the URL

http://e107.org/e107_forum-t220072.html
Thu May 26 2011, 02:21 PM
#10
FURL is taking care of all URLs
anyways thank you for your help. I am working on an update version. I saw on that thread people are facing problem with it, but no1 is providing actual input to me so as to know what exactly is going wrong with them.

If you are facing any problem please do post that.

Get Social

Information

Powered by e107 Forum System

Conversation

Tue Jan 14 2020, 07:08 AM
shubham kharade
when i am trying to simulate the program in Proteus 8 professional, I am getting some errors as cannot find module file dhtxx.md can u help me
Tue Dec 17 2019, 01:44 PM
Devangi
hello..i am programming industrial timer using 8051 with 24lc64 eeprom. i have query in storing the 3 diff value in eeprom with enter button. can anyone share c code ?
Tue Dec 17 2019, 10:30 AM
Andrius
Hello. Can anyone share the code in Bascon and scheme in Proteus?
Thu Nov 21 2019, 12:30 PM
raj2555
how to interface 8051 microcontroller with NRF24L01+ module
ExperimenterUK
Sat Oct 12 2019, 10:23 PM
Log in.. then post your code in the 8051 forum
Sat Oct 12 2019, 10:18 AM
Bhadra Sajikumar
i am doing a countdown timer with 8051 for my project, unfortunately our professor had to take a leave of absence before he could teach us most of it.. can someone explain the .asm code of it for me?
Mon Sep 23 2019, 07:37 AM
Nathaniel
I am doing a project for my schools wireless security system with cameras,sensors and spot lights using 8051 micro controller, could you help me out with the design and its source code.
Wed Sep 18 2019, 08:48 PM
Caryn Kover
Thank you for your time,
ExperimenterUK
Mon Aug 05 2019, 07:09 PM
@Ismail ..post in forum, give details
Mon Aug 05 2019, 04:33 PM
Ismail balghmi
Hello. Please I won't download

Downloads

Comments

usb5962
Sat Jan 11 2020, 10:42 AM
elt
Tue Jan 07 2020, 06:53 PM
mg3914697
Tue Jan 07 2020, 12:42 PM
afds43
Sun Dec 29 2019, 05:54 AM
Rupeshpatil
Fri Dec 27 2019, 06:14 PM
pyxus
Sat Dec 14 2019, 12:31 PM
Istika
Thu Dec 12 2019, 12:04 PM
nabiha_anaya
Sun Dec 08 2019, 09:16 AM

Online

Guests: 46, Members: 0 ...

most ever online: 182184
(Members: , Guests: 182184) on 06 Aug 2010: 05:37 AM

Members: 38115
Newest member: usb5962
Forum Activity
ExperimenterUK Avatar
Posted By ExperimenterUK
Fri Jan 17 2020, 10:24 PM
We will need the circuit diagram.A Proteus simulat...
Billz Avatar
Posted By Billz
Sat Jan 11 2020, 05:43 PM
hi everyone please attached files are my c code fo...
ExperimenterUK Avatar
Posted By ExperimenterUK
Tue Jan 07 2020, 08:18 PM
Not a stupid question.Setting up "Eclipse" can be...
elt Avatar
Posted By elt
Tue Jan 07 2020, 07:06 PM
So i have just began learning programming micros a...
Billz Avatar
Posted By Billz
Mon Jan 06 2020, 09:22 PM
I think it would be better if you guys try to come...
ExperimenterUK Avatar
Posted By ExperimenterUK
Mon Jan 06 2020, 12:22 AM
Can you post a circuit diagram and any code you ha...
Billz Avatar
Posted By Billz
Sun Jan 05 2020, 08:17 PM
Need help regarding C code (specifically for PIC 1...
ExperimenterUK Avatar
Posted By ExperimenterUK
Mon Dec 30 2019, 06:42 PM
Can you give more details of your problem.
Rupeshpatil Avatar
Posted By Rupeshpatil
Fri Dec 27 2019, 06:21 PM
How to copy program my old microcontroller to new ...
ilylily07 Avatar
Posted By ilylily07
Thu Dec 12 2019, 02:26 PM
wil do.thank you for your advice!