security report

Total impact: 5
Affected tags: dt, id, lfi

Variable: POST.relocate | Value: http://www.tomakali.net/m/chat/home/
Impact: 5 | Tags: dt, id, lfi
Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID: 11

REMOTE_ADDR: 122.164.246.129
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /home/tomnet/public_html/

member.php
QUERY_STRING:
REQUEST_URI: /member.php
QUERY_STRING:
SCRIPT_NAME: /member.php
PHP_SELF: /member.php
is this a bug?
i cannot post anything in blogs,articles etc
even as administrator
Quote · 15 Feb 2011

Why are you even wasting your time with phpids by having it enabled?  You know as well as the rest of us, that it has never worked.  Boonex should just remove the P.O.S. from Dolphin.  I don't think PHPIDS was developed with Dolphin in mind.  I'm really surprised that it's still a part of Dolphin.  It makes no sense to keep it.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 15 Feb 2011

Total impact: 5
Affected tags: dt, id, lfi

Variable: POST.promo_relocation_link_

member | Value: http://tomakali.net/m/inviter/home/
Impact: 5 | Tags: dt, id, lfi
Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID: 11

REMOTE_ADDR: 122.164.31.185
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /home/tomnet/public_html/administration/advanced_settings.php
QUERY_STRING:
REQUEST_URI: /administration/advanced_settings.php
QUERY_STRING:
SCRIPT_NAME: /administration/advanced_settings.php
PHP_SELF: /administration/advanced_settings.php
this suks...
cant even save the settings :(
Quote · 15 Feb 2011

I agree with houstonlively. You should also be aware that it was disabled in a previous release because it was acknowledged that it doesn't work, and was prone to report false positives. It wasn't implemented properly and because of that, it doesn't work.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 15 Feb 2011

If you can't save them.

Then force it. Edit in the database. The values are is sys_options.

After database edit, clear cache.


https://www.deanbassett.com
Quote · 15 Feb 2011
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.