Security hole in module ExtCalendar may affect your site
-
-
- Mizael FAUCON
- Sr. Rocketeer
- Posts: 111
- Thanks: 0
-
Well, I was wondering if it was necessary to post on this Forum but I think that I should, for secure reasons.
This morning, my site was not "working" at all. I found that the templates Versatility (I & II) was not able to display the contents anymore (the browser was searching the data without stopping). I had to get back to the "old" Technopia template and then the site worked again.
I spent some hours to find the problem and I am pratically sure that it comes from a huge security hole in the component ExtCalendar. See there for informations : forum.joomla.org/index.php/topic,75390.0.html
Yet, last night I had patched the module but it appears that this patch does not protect you totally. Thus I supposed that we have been hacked without (I hope) too bad consequences.
So I have deleted the 2 folders of the component and now the site can works again with Versality II. Beware not to deinstall it by the admin panel or you will lose also your ExtCalendar data (un secure version is coming soon so you will be able to have all your calendar back with its data. - ______________
Sorry for the english, that's not my native language!
-
Time to create page: 0.033 seconds