Does anyone have a REALLY secure UberCMS?

[JoshuaLuke]

Hey,

I need a fully secure UberCMS with hardly ANY exploits, im using RevCMS, but I wanna change over to Uber. Im willing to give a small donation if you can provide me with a good one. Just post a download link and some info below.

Thanks
Josh

 

[Wouto]

zCMS

You must be registered for see links

Stable copy of UberCMS.

 

[JoshuaLuke]

zCMS

You must be registered for see links

Stable copy of UberCMS.

Thanks, but dosent that have exploits? I heard it did.

 

[JoshuaLuke]

You must be registered for see links

.rage zone.com/f353/leaving-ubercms-edit-800339/

Thanks! Looks good, do you use this? DOES ANYONE HAVE ANY MORE PLEASE??!!<3

 

[geneocide]

Thanks! Looks good, do you use this? DOES ANYONE HAVE ANY MORE PLEASE??!!<3

No, I use Rev.
--------
Don't know if this is known to have exploits but eh,

You must be registered for see links

zone.com/f353/ubercms-rcms-php-oop-fixed-803656/

 

[Benden]

Hey,
im using RevCMS, but I wanna change over to Uber.

Thanks
Josh

Can't tell if retarded or retarded.

 

[Wouto]

Thanks, but dosent that have exploits? I heard it did.

No, it only has an article.php exploit which has a simple fix by replacing your article with

<?php
/*=======================================================================
| UberCMS - Advanced Website and Content Management System for uberEmu
| #######################################################################
| Copyright (c) 2010, Roy 'Meth0d'
| http://www.meth0d.org
| #######################################################################
| This program is free software: you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation, either version 3 of the License, or
| (at your option) any later version.
| #######################################################################
| This program is distributed in the hope that it will be useful,
| but WITHOUT ANY WARRANTY; without even the implied warranty of
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
| GNU General Public License for more details.
\======================================================================*/
 
define('TAB_ID', 5);
define('PAGE_ID', 17);
 
require_once "global.php";
 
$articleData = null;
 
if (isset($_GET['mostRecent']))
{
    $getData = dbquery("SELECT * FROM site_news ORDER BY timestamp DESC LIMIT 1");
   
    if (mysql_num_rows($getData) > 0)
    {
        $articleData = mysql_fetch_assoc($getData);
    }
}
else if (isset($_GET['rel']))
{
    $rel = mysql_real_escape_string($_GET['rel']);
   
    if (strrpos($rel, '-') >= 1)
    {
        $bits = explode('-', $rel);
        $id = mysql_real_escape_string($bits[0]);
       
        $getData = dbquery("SELECT * FROM site_news WHERE id = '" . $id . "' LIMIT 1");
       
        if (mysql_num_rows($getData) > 0)
        {
            $articleData = mysql_fetch_assoc($getData);
        }
    }
}
 
$tpl->Init();
 
$tpl->AddGeneric('head-init');
$tpl->AddIncludeSet('generic');
$tpl->WriteIncludeFiles();
$tpl->AddGeneric('head-overrides-generic');
$tpl->AddGeneric('head-bottom');
$tpl->AddGeneric('generic-top');
   
$tpl->Write('<div id="column1" class="column">');
 
$newslist = new Template('comp-newslist');
 
if (isset($_GET['archiveMode']))
{
    $newslist->SetParam('mode', 'archive');
}
else if (isset($_GET['category']) && is_numeric($_GET['category']))
{
    $newslist->SetParam('mode', 'category');
    $newslist->SetParam('category_id', mysql_real_escape_string($_GET['category']));
}
else
{
    $newslist->SetParam('mode', 'recent');
}
 
$tpl->AddTemplate($newslist);
 
$tpl->Write('</div>');
 
$tpl->Write('<div id="column2" class="column">');
 
$article = new Template('comp-newsarticle');
 
if ($articleData != null)
{
    $article->SetParam('news_article_id', $articleData['id']);
    $article->SetParam('news_article_title', clean($articleData['title']));
    $article->SetParam('news_article_date', 'Posted ' . clean($articleData['datestr']));
    $article->SetParam('news_category', '<a href="/articles/category/' . $articleData['category_id'] . '">' . clean(mysql_result(dbquery("SELECT caption FROM site_news_categories WHERE id = '" . $articleData['category_id'] . "' LIMIT 1"), 0)) . '</a>');
    $article->SetParam('news_article_summary', clean($articleData['snippet']));
    $article->SetParam('news_article_body', clean($articleData['body'], true));
   
    $tpl->SetParam('page_title', 'News - ' . clean($articleData['title']));
}
else
{
    $article->SetParam('news_article_id', 0);
    $article->SetParam('news_article_title', 'News article not found');
    $article->SetParam('news_article_date', '');
    $article->SetParam('news_category', '');
    $article->SetParam('news_article_summary', '');
    $article->SetParam('news_article_body', "The article you were looking for could not be retrieved. Please press the 'back' button on your browser to return to your previous page.");   
   
    $tpl->SetParam('page_title', 'News - News Article not found');
}
 
$tpl->AddTemplate($article);
$tpl->Write('</div>');
 
$tpl->AddGeneric('generic-column3');
$tpl->AddGeneric('footer');
 
$tpl->SetParam('body_id', 'news');
 
$tpl->Output();
 
?>

(credits to nobrain)

 

[geneocide]

Can't tell if retarded or retarded.

Everyone doesn't know how to code add-on's , UberCMS already has a lot of different add-on's, That's why some people prefer UberCMS.

 

[JoshuaLuke]

No, it only has an article.php exploit which has a simple fix by replacing your article with

<?php
/*=======================================================================
| UberCMS - Advanced Website and Content Management System for uberEmu
| #######################################################################
| Copyright (c) 2010, Roy 'Meth0d'
| http://www.meth0d.org
| #######################################################################
| This program is free software: you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation, either version 3 of the License, or
| (at your option) any later version.
| #######################################################################
| This program is distributed in the hope that it will be useful,
| but WITHOUT ANY WARRANTY; without even the implied warranty of
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
| GNU General Public License for more details.
\======================================================================*/
 
define('TAB_ID', 5);
define('PAGE_ID', 17);
 
require_once "global.php";
 
$articleData = null;
 
if (isset($_GET['mostRecent']))
{
    $getData = dbquery("SELECT * FROM site_news ORDER BY timestamp DESC LIMIT 1");
 
    if (mysql_num_rows($getData) > 0)
    {
        $articleData = mysql_fetch_assoc($getData);
    }
}
else if (isset($_GET['rel']))
{
    $rel = mysql_real_escape_string($_GET['rel']);
 
    if (strrpos($rel, '-') >= 1)
    {
        $bits = explode('-', $rel);
        $id = mysql_real_escape_string($bits[0]);
     
        $getData = dbquery("SELECT * FROM site_news WHERE id = '" . $id . "' LIMIT 1");
     
        if (mysql_num_rows($getData) > 0)
        {
            $articleData = mysql_fetch_assoc($getData);
        }
    }
}
 
$tpl->Init();
 
$tpl->AddGeneric('head-init');
$tpl->AddIncludeSet('generic');
$tpl->WriteIncludeFiles();
$tpl->AddGeneric('head-overrides-generic');
$tpl->AddGeneric('head-bottom');
$tpl->AddGeneric('generic-top');
 
$tpl->Write('<div id="column1" class="column">');
 
$newslist = new Template('comp-newslist');
 
if (isset($_GET['archiveMode']))
{
    $newslist->SetParam('mode', 'archive');
}
else if (isset($_GET['category']) && is_numeric($_GET['category']))
{
    $newslist->SetParam('mode', 'category');
    $newslist->SetParam('category_id', mysql_real_escape_string($_GET['category']));
}
else
{
    $newslist->SetParam('mode', 'recent');
}
 
$tpl->AddTemplate($newslist);
 
$tpl->Write('</div>');
 
$tpl->Write('<div id="column2" class="column">');
 
$article = new Template('comp-newsarticle');
 
if ($articleData != null)
{
    $article->SetParam('news_article_id', $articleData['id']);
    $article->SetParam('news_article_title', clean($articleData['title']));
    $article->SetParam('news_article_date', 'Posted ' . clean($articleData['datestr']));
    $article->SetParam('news_category', '<a href="/articles/category/' . $articleData['category_id'] . '">' . clean(mysql_result(dbquery("SELECT caption FROM site_news_categories WHERE id = '" . $articleData['category_id'] . "' LIMIT 1"), 0)) . '</a>');
    $article->SetParam('news_article_summary', clean($articleData['snippet']));
    $article->SetParam('news_article_body', clean($articleData['body'], true));
 
    $tpl->SetParam('page_title', 'News - ' . clean($articleData['title']));
}
else
{
    $article->SetParam('news_article_id', 0);
    $article->SetParam('news_article_title', 'News article not found');
    $article->SetParam('news_article_date', '');
    $article->SetParam('news_category', '');
    $article->SetParam('news_article_summary', '');
    $article->SetParam('news_article_body', "The article you were looking for could not be retrieved. Please press the 'back' button on your browser to return to your previous page."); 
 
    $tpl->SetParam('page_title', 'News - News Article not found');
}
 
$tpl->AddTemplate($article);
$tpl->Write('</div>');
 
$tpl->AddGeneric('generic-column3');
$tpl->AddGeneric('footer');
 
$tpl->SetParam('body_id', 'news');
 
$tpl->Output();
 
?>

(credits to nobrain)

So do you think I should go with zCMS?

 

[Wouto]

So do you think I should go with zCMS?

Up to you, zCMS is secure though.

 

[JoshuaLuke]

Up to you, zCMS is secure though.

As long as its secure, and excellent Although, does anyone else have any good CMS's

Up to you, zCMS is secure though.

---SORRY FOR DOUBLE POST----​

I researched this, its zCMS 2, which isnt supposed to be used for production purposes.. Also, its hardly got any files in it ;/

 

[Wouto]

---SORRY FOR DOUBLE POST----​

I researched this, its zCMS 2, which isnt supposed to be used for production purposes.. Also, its hardly got any files in it ;/

Download the link I gave you above;

You must be registered for see links

 

[JoshuaLuke]

Download the link I gave you above;

You must be registered for see links

Yes, that dosent have any pages? Only me.php, index.php, logout.php and register.php, are you sure its the right link?

 

[Wouto]

Yes, that dosent have any pages? Only me.php, index.php, logout.php and register.php, are you sure its the right link?

Sorry, download

You must be registered for see links

- I gave you the wrong one ;P

 

[JoshuaLuke]

Sorry, download

You must be registered for see links

- I gave you the wrong one ;P

Thanks Looks really good, will install on my server, see how it goes

 

[Wouto]

Thanks Looks really good, will install on my server, see how it goes

Your welcome, have fun.

 

[brsy]

As long as its secure, and excellent Although, does anyone else have any good CMS's/

I am developing tCMS, and I might let you BETA test it if you're interested.

 

[JoshuaLuke]

I am developing tCMS, and I might let you BETA test it if you're interested.

Oh thanks, link me to a dev

 

[brsy]

Oh thanks, link me to a dev

It's being privately developed. Just inbox me for more information.