Intrusion into Cmsimple 3.1

A place for security related announcements and discussions - please check this forum frequently!
Holger
Site Admin
Posts: 3470
Joined: Mon May 19, 2008 7:10 pm
Location: Hessen, Germany

Re: Intrusion into Cmsimple 3.1

Post by Holger » Thu Aug 11, 2011 10:02 pm

@beate
beate_r wrote: i would like to inform You that some mentally ill people have intruded (several times) into an Cmsimple 3.1 installation i have set up and destroyed the data there.

I do yet have to find out what happened. Possibly the password was too weak.
If you think that someone is interested making you trouble again, here's a nice tool which can help a lot:
https://phpids.org/

KR
Holger

johnjdoe
Posts: 571
Joined: Tue May 20, 2008 6:32 am

Re: Intrusion into Cmsimple 3.1

Post by johnjdoe » Fri Aug 12, 2011 6:11 am

It's certainly not as good as PHPIDS but you could use the CMSimple plugin GXSecurity too to protect you site.

cmb
Posts: 14225
Joined: Tue Jun 21, 2011 11:04 am
Location: Bingen, RLP, DE
Contact:

Re: Intrusion into Cmsimple 3.1

Post by cmb » Fri Aug 12, 2011 11:31 am

Hello Beate,

I've just found another bug in my posted code! I've forgot to add parentheses around the already existing login checks :oops: I've corrected this in the code already.

Christoph
Christoph M. Becker – Plugins for CMSimple_XH

beate_r
Posts: 174
Joined: Thu May 22, 2008 11:44 pm
Location: Hessen / Germany

Re: Intrusion into Cmsimple 3.1

Post by beate_r » Sat Aug 13, 2011 10:03 pm

johnjdoe wrote:... GXSecurity ...
If you have cured the thing with the empty lines prior to the pages i will be able to use it (remember our old discussion on that?)

Post Reply