Search found 118 matches

Does 2.5.13 fix the SQL injection described in http://forums.cnet.com/Software/5208-6132_102-0.html?forumID=32&threadID=265936&messageID=2594414#2594414

NukeSentinel "write_ban()" SQL Injec ...

For clarification, does NukeSentinel protect against most (if not all known) types of SQL injection?

According to NOT protect against certain types of SQL injection. If accurate, which forms or t ...

Additional code changes in automated_news() function within mainfile.php:function automated_news() {
global $prefix, $multilingual, $currentlang, $db;
// oprime2001 if ($mult ...

I'm using RavenNuke76 v2.02.02 Distro, and my programmed articles do not show up sometimes. I looked into the code and there is this section
$num = $db->sql_numrows($db->sql_query ...

Thanks. I did a Google search for "nukestyles.com contact 2.4" and got a bunch of outdated websites.

I forgot to ask earlier, but you haven't seen any unusual usage/access with v2.4 have you, k ...

Hi oprime2001. I still use it, but am not aware of any issues. VinDSL and Guardian have done some work on preventing spam through functions like this, but I don't remember seeing an updated version ...

I've had an older module Contact by NukeStyles.com on a couple of my sites for a couple of years now. Lately, however, there has been an increased access or usage of this Contact module -- without me ...

Another suggestion I'd put out there is possibly to switch hosts at the end/close-to-the-end of your prepaid period. Raven provides hosting services. Or if you'd like to do more research on other ho ...

Guys, I don't think folks are necessarily "banned" by the "Invalid IP" notice. There are no blockers per se for this. It is just a wholesale check to make sure they are not trying to "spoof" an IP t ...

After a recent upgrade to 2.5.2, I came to find out that NukeSentinel will prevent users from accessing a NukeSentinel site -- without (the option of) notifying the admin.

In particular, if NukeS ...

I know that I could use a shared banning system. I have three phpnuke sites (gaming site, religious org site, and personal site) on one shared hosting account. If I could admin one system and have t ...

What I find disconcerting is the fact that users were being blocked/banned without any notification to the admin. I only found out about the issues when a second user posted on the board about the "i ...

Well, you can me to the list of NukeSentinel users who recently upgraded to 2.5.2. Within the day of upgrading, I started having random users blocked.

Since there is no flag to set for checking In ...

I understand that the admin auth and renaming folders will help to prevent these type of attacks. But is the real problem/exploit being remediated? Is this a phpBB issue, php-nuke issue, php issue o ...

According to this [url=http://secunia.com/advisories/15244/]exploit notice, this vulnerability dates back to 2005-05-05, or has been patched but re-introduced. Regardless, it still seems that NukeSen ...

Would the addition of a CGIAuth challenge in the modules/Forums/admin folder affect simple forum moderators?

Thanks.

Is this hack invisible to NukeSentinel because neither mainfile.php nor modules.php are called/invoked? Just guessing on my part, though.

I don't know if it's already been pointed out and being remedied, but if you do a forum search, click on a search result, click on page 2 (or subesquent page) from the first page of the search result, ...

I'm helping out a friend with his phpnuke website; he does design, and I do the coding/configuration. We're currently using the theme http://img512.imageshack.us/img512/4074/blurred1ad.th.jpg<tabl ...

You haven't listed any of your other installed modules. It is unsafe/unwise to assume that the problem lies within Menalto Gallery or any other module unless you've verified the exploit within your s ...

Do a gzinflatebase64_decode.

p.s. no charge.

Has anyone heard of an exploit that was possible to pull off with just knowing a particular table's exact name?
Didn't all those UNION exploits from back in the days of the (orig) hack attempt script ...

Using phpmyadmin, you could export all your relevant tables to a file. Open the file in a text editor (e.g. nuke_ to somenewprefix_.

Then upload the renamed tables via phpmyadmin -- in batches, if ...

If you want less than 10 articles in the block, you will have to edit the code -- such as per Nukeum66 instructions.

But if 10 articles in the block is ok, as an alternative to editing the code, yo ...

5. Is there a way to make a module accessible only by staff?

As an alternative to using an add-on, I've limited access to certain modules by using the built-in USER GROUPS example.com/admin.php?o ...

Author	Message
Topic: Does 2.5.13 fix SQL Injection in NukeSentinel 2.5.12?
oprime2001 Replies: 2 Views: 11539	Forum: NukeSentinel(tm) v2.5.x Posted: Sat Sep 29, 2007 8:24 am Subject: Does 2.5.13 fix SQL Injection in NukeSentinel 2.5.12?
oprime2001 Replies: 2 Views: 11539	Does 2.5.13 fix the SQL injection described in http://forums.cnet.com/Software/5208-6132_102-0.html?forumID=32&threadID=265936&messageID=2594414#2594414 NukeSentinel "write_ban()" SQL Injec ...
Topic: Protection against all types of SQL injection -- incomplete?
oprime2001 Replies: 7 Views: 14627	Forum: NukeSentinel(tm) v2.4.x Posted: Fri Jan 19, 2007 3:14 pm Subject: Protection against all types of SQL injection -- incomplete?
oprime2001 Replies: 7 Views: 14627	For clarification, does NukeSentinel protect against most (if not all known) types of SQL injection? According to NOT protect against certain types of SQL injection. If accurate, which forms or t ...
Topic: Programmed articles not showing up
oprime2001 Replies: 2 Views: 6601	Forum: Raven's RavenNuke(tm) v2.02.02 Distro Posted: Wed Sep 20, 2006 2:09 pm Subject: re: Programmed articles not showing up
oprime2001 Replies: 2 Views: 6601	Additional code changes in automated_news() function within mainfile.php:function automated_news() { global $prefix, $multilingual, $currentlang, $db; // oprime2001 if ($mult ...
Topic: Programmed articles not showing up
oprime2001 Replies: 2 Views: 6601	Forum: Raven's RavenNuke(tm) v2.02.02 Distro Posted: Wed Sep 20, 2006 9:29 am Subject: Programmed articles not showing up
oprime2001 Replies: 2 Views: 6601	I'm using RavenNuke76 v2.02.02 Distro, and my programmed articles do not show up sometimes. I looked into the code and there is this section $num = $db->sql_numrows($db->sql_query ...
Topic: Old(er) module: NukeStyles.com Contact -- anyone still use?
oprime2001 Replies: 8 Views: 10717	Forum: Modules Posted: Tue Sep 19, 2006 1:27 pm Subject: re: Old(er) module: NukeStyles.com Contact -- anyone still u
oprime2001 Replies: 8 Views: 10717	Thanks. I did a Google search for "nukestyles.com contact 2.4" and got a bunch of outdated websites. I forgot to ask earlier, but you haven't seen any unusual usage/access with v2.4 have you, k ...
Topic: Old(er) module: NukeStyles.com Contact -- anyone still use?
oprime2001 Replies: 8 Views: 10717	Forum: Modules Posted: Tue Sep 19, 2006 1:10 pm Subject: re: Old(er) module: NukeStyles.com Contact -- anyone still u
oprime2001 Replies: 8 Views: 10717	Hi oprime2001. I still use it, but am not aware of any issues. VinDSL and Guardian have done some work on preventing spam through functions like this, but I don't remember seeing an updated version ...
Topic: Old(er) module: NukeStyles.com Contact -- anyone still use?
oprime2001 Replies: 8 Views: 10717	Forum: Modules Posted: Tue Sep 19, 2006 10:49 am Subject: Old(er) module: NukeStyles.com Contact -- anyone still use?
oprime2001 Replies: 8 Views: 10717	I've had an older module Contact by NukeStyles.com on a couple of my sites for a couple of years now. Lately, however, there has been an increased access or usage of this Contact module -- without me ...
Topic: site overload problems advice
oprime2001 Replies: 6 Views: 11128	Forum: Other - Discussion Posted: Sat Sep 09, 2006 9:28 pm Subject: re: site overload problems advice
oprime2001 Replies: 6 Views: 11128	Another suggestion I'd put out there is possibly to switch hosts at the end/close-to-the-end of your prepaid period. Raven provides hosting services. Or if you'd like to do more research on other ho ...
Topic: I have a problem ''access this site with an invalid IP.''
oprime2001 Replies: 136 Views: 203952	Forum: NukeSentinel(tm) v2.5.x Posted: Sat Sep 02, 2006 11:47 am Subject: re: I have a problem ''access this site with an invalid IP.'
oprime2001 Replies: 136 Views: 203952	Guys, I don't think folks are necessarily "banned" by the "Invalid IP" notice. There are no blockers per se for this. It is just a wholesale check to make sure they are not trying to "spoof" an IP t ...
Topic: Notification option for any and all NukeSentinel action
oprime2001 Replies: 1 Views: 7505	Forum: NukeSentinel(tm) Enhancement Requests Posted: Sat Sep 02, 2006 11:38 am Subject: Notification option for any and all NukeSentinel action
oprime2001 Replies: 1 Views: 7505	After a recent upgrade to 2.5.2, I came to find out that NukeSentinel will prevent users from accessing a NukeSentinel site -- without (the option of) notifying the admin. In particular, if NukeS ...
Topic: Shared banning system
oprime2001 Replies: 18 Views: 27232	Forum: NukeSentinel(tm) Enhancement Requests Posted: Sat Sep 02, 2006 11:34 am Subject: re: Shared banning system
oprime2001 Replies: 18 Views: 27232	I know that I could use a shared banning system. I have three phpnuke sites (gaming site, religious org site, and personal site) on one shared hosting account. If I could admin one system and have t ...
Topic: I have a problem ''access this site with an invalid IP.''
oprime2001 Replies: 136 Views: 203952	Forum: NukeSentinel(tm) v2.5.x Posted: Sat Sep 02, 2006 7:05 am Subject: re: I have a problem ''access this site with an invalid IP.'
oprime2001 Replies: 136 Views: 203952	What I find disconcerting is the fact that users were being blocked/banned without any notification to the admin. I only found out about the issues when a second user posted on the board about the "i ...
Topic: I have a problem ''access this site with an invalid IP.''
oprime2001 Replies: 136 Views: 203952	Forum: NukeSentinel(tm) v2.5.x Posted: Fri Sep 01, 2006 7:29 am Subject: re: I have a problem ''access this site with an invalid IP.'
oprime2001 Replies: 136 Views: 203952	Well, you can me to the list of NukeSentinel users who recently upgraded to 2.5.2. Within the day of upgrading, I started having random users blocked. Since there is no flag to set for checking In ...
Topic: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	Forum: NukeSentinel(tm) v2.5.x Posted: Wed Aug 30, 2006 5:53 am Subject: re: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	I understand that the admin auth and renaming folders will help to prevent these type of attacks. But is the real problem/exploit being remediated? Is this a phpBB issue, php-nuke issue, php issue o ...
Topic: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	Forum: NukeSentinel(tm) v2.5.x Posted: Tue Aug 29, 2006 10:27 am Subject: re: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	According to this [url=http://secunia.com/advisories/15244/]exploit notice, this vulnerability dates back to 2005-05-05, or has been patched but re-introduced. Regardless, it still seems that NukeSen ...
Topic: Protecting the Forum/admin folder
oprime2001 Replies: 34 Views: 94633	Forum: Security - PHP Nuke Posted: Tue Aug 29, 2006 7:52 am Subject: re: Protecting the Forum/admin folder
oprime2001 Replies: 34 Views: 94633	Would the addition of a CGIAuth challenge in the modules/Forums/admin folder affect simple forum moderators? Thanks.
Topic: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	Forum: NukeSentinel(tm) v2.5.x Posted: Tue Aug 29, 2006 7:45 am Subject: re: Should Sentinel Pick these up ? !!
oprime2001 Replies: 21 Views: 24483	Is this hack invisible to NukeSentinel because neither mainfile.php nor modules.php are called/invoked? Just guessing on my part, though.
Topic: GT on this site fails with multi-page search results
oprime2001 Replies: 2 Views: 8120	Forum: GT - Next Gen and Standard Posted: Wed Aug 16, 2006 8:35 am Subject: GT on this site fails with multi-page search results
oprime2001 Replies: 2 Views: 8120	I don't know if it's already been pointed out and being remedied, but if you do a forum search, click on a search result, click on page 2 (or subesquent page) from the first page of the search result, ...
Topic: Modify a full-width theme to fixed width
oprime2001 Replies: 1 Views: 6861	Forum: Themes Posted: Thu Jun 22, 2006 3:43 pm Subject: Modify a full-width theme to fixed width
oprime2001 Replies: 1 Views: 6861	I'm helping out a friend with his phpnuke website; he does design, and I do the coding/configuration. We're currently using the theme http://img512.imageshack.us/img512/4074/blurred1ad.th.jpg<tabl ...
Topic: Someone replaced my index.php
oprime2001 Replies: 23 Views: 27609	Forum: Security - PHP Nuke Posted: Wed Jan 19, 2005 9:04 am Subject: What other modules are you using -- even inactive ones?
oprime2001 Replies: 23 Views: 27609	You haven't listed any of your other installed modules. It is unsafe/unwise to assume that the problem lies within Menalto Gallery or any other module unless you've verified the exploit within your s ...
Topic: Encrypted Scripts... Help Please
oprime2001 Replies: 10 Views: 12572	Forum: General/Other Stuff Posted: Mon Jan 10, 2005 9:53 am Subject: Encrypted Scripts... Help Please
oprime2001 Replies: 10 Views: 12572	Do a gzinflatebase64_decode. p.s. no charge.
Topic: Changing table prefix...
oprime2001 Replies: 6 Views: 13791	Forum: MySQL Posted: Wed Dec 15, 2004 11:03 pm Subject: UNION exploits
oprime2001 Replies: 6 Views: 13791	Has anyone heard of an exploit that was possible to pull off with just knowing a particular table's exact name? Didn't all those UNION exploits from back in the days of the (orig) hack attempt script ...
Topic: Changing table prefix...
oprime2001 Replies: 6 Views: 13791	Forum: MySQL Posted: Wed Dec 15, 2004 9:56 pm Subject: Export, edit then reupload.
oprime2001 Replies: 6 Views: 13791	Using phpmyadmin, you could export all your relevant tables to a file. Open the file in a text editor (e.g. nuke_ to somenewprefix_. Then upload the renamed tables via phpmyadmin -- in batches, if ...
Topic: Help with old Articles block
oprime2001 Replies: 4 Views: 6668	Forum: Blocks Posted: Mon Dec 13, 2004 7:44 pm Subject: Old Articles block option via the admin pages, too.
oprime2001 Replies: 4 Views: 6668	If you want less than 10 articles in the block, you will have to edit the code -- such as per Nukeum66 instructions. But if 10 articles in the block is ok, as an alternative to editing the code, yo ...
Topic: A whole lot of questions...
oprime2001 Replies: 17 Views: 25035	Forum: phpnuke 7.0 Posted: Sun Dec 12, 2004 3:59 pm Subject: Re: A whole lot of questions...
oprime2001 Replies: 17 Views: 25035	5. Is there a way to make a module accessible only by staff? As an alternative to using an add-on, I've limited access to certain modules by using the built-in USER GROUPS example.com/admin.php?o ...