SQL Injections

[Online]

How can you prevent SQL injections? I thought it was just the exploit in phoenix, but I'm using rev now and it's still happening....

 

[Xyro]

Are you sure that you're being exploited with RevCMS or is it just someone hacking accounts ect.

 

[brsy]

There are some exploits in Rev... I don't know about SQL injections, but I do know that it is possible for people to upload shells to your website as that happened to the owner of Bullet Hotel.

 

[HabboME]

What version are you using?

 

[brsy]

What version are you using?

My friend was using RevCMS 1.9.9
He is now switching over to zCMS.

 

[HabboME]

My friend was using RevCMS 1.9.9
He is now switching over to zCMS.

There is an updated version now, 1.9.9.9
Also I've used zCMS and someone exploited it.. That was months ago, so I don't know if he has updated it at all.

 

[RastaLulz]

What happened due to this SQL injection?

My friend was using RevCMS 1.9.9
He is now switching over to zCMS.

Are you sure it wasn't a web server issue, or something else that was running on the site?

I also chuckled at him switching from RevCMS to zCMS for security precautions.

 

[Kryptos]

Yea, you can upload shells thanks to the CMS ./sarcasm

There are NO exploits in Rev. Period.

 

[Online]

So how can I prevent these attacks? :/

You must be registered for see links

 

[Alam]

You used vBulletin , they shelled u by naming the file as an image format , and rooted u / defaced ur webpage.

 

[brsy]

What happened due to this SQL injection?


Are you sure it wasn't a web server issue, or something else that was running on the site?

I also chuckled at him switching from RevCMS to zCMS for security precautions.

I told him zCMS is even worse but he said I am hatin' on his retro.

 

[Online]

Perfect...

 

[Kristopher]

What happened due to this SQL injection?


Are you sure it wasn't a web server issue, or something else that was running on the site?

I also chuckled at him switching from RevCMS to zCMS for security precautions.

Same here.. Smh Kryptos is a PHP Gawd!.. I think he just don't know what pure security is xD

 

[James6213]

zCMS is exploitable Jonteh put exploits in their and hacked my retro the other day when I was on zCMS, don't trust it even if you buy it from him.

 

[vRory]

I don;t think he intended to put them in, but people have patched some of them

 

[Spartak]

i know many people who used zCms and all are hacked x_x

 

[zMagenta]

Well, there's no real way to prevent your CMS. Every CMS contains atleast 1 or 2 exploits. Only way to fix if find them yourself, and "repair" them.

 

[Kryptos]

Well, there's no real way to prevent your CMS. Every CMS contains atleast 1 or 2 exploits. Only way to fix if find them yourself, and "repair" them.

Rev has 0.

ANYWAYS, thread closed.