Kunena 5.1.18 Released (30 Jun 2020)

The Kunena team has announced the arrival of Kunena 5.1.18 [K 5.1.18], which is now available for download as a native Joomla extension for J! 3.9.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1.

Question: security for attachments

3 years 8 months ago - 3 years 8 months ago #1 by davood71
Hi
I am using Kunena version 5.0.2

in this Kunena version, when protect attachment is enabled, it works well and access is fine (guests cannot access attachments) ---> this is a good setting for Kunena
but I've noticed something
when protect attach --> yes
any file (images, txt, or any files) loads with the link ---> localhost/forum/attachment/1 or any number
for example :
localhost/forum/attachment/1
localhost/forum/attachment/2
localhost/forum/attachment/3
localhost/forum/attachment/300
localhost/forum/attachment/1000
or any number id
this is low security, because users can guess, and if they go from 1 to the last number they can download or see any attachment
if protect attachment is enabled, in the database (table attachment) the filename is set (for example) to 4861650dafeb90c197212d5c90e60a7b
I think if attachments load with the basename (after Kunena changes it), that is good and high security
for example :
localhost/forum/attachment/3 ----> localhost/forum/attachment/4861650dafeb90c197212d5c90e60a7b
localhost/forum/attachment/4 ----> localhost/forum/attachment/d550dafeb86190c19722d5c9456dwa5d
so users cannot guess :)
is it possible?
In your opinion, is loading with the id number from the attachment table low security?
please answer me
Thank you Kunena
Last edit: 3 years 8 months ago by davood71.


3 years 8 months ago - 3 years 8 months ago #2 by davood71
Replied by davood71 on topic security for attachments
Hi
excuse me for opening this topic again
please read this topic
when protect attach --> yes
open attachment: localhost/forum/attachment/1 until localhost/forum/attachment/(database ID)
because this opens with the ID of the table (kunena attachment), isn't that low security? I think because it opens with the table ID from the database, maybe an SQL injection vulnerability exists (because it opens with the attachment ID and the link is not controlled)
Am I right?
I am worried that an SQL injection vulnerability exists, and loading with this link localhost/forum/attachment/152 ===>> security is low
please answer me
Thank you for your answer
I love Kunena, a very good component
Last edit: 3 years 8 months ago by davood71.
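The two worries raised in this thread (sequential attachment ids that anyone can enumerate, and SQL injection through the id) as an added example, not Kunena's own code: a small Python handler over a constructed SQLite table that binds the id or a 32-hex token as a query parameter and decides access per request from the topic's access level. The schema, access levels and file names are assumptions for illustration.

```python
import secrets
import sqlite3

# Constructed sample data, not Kunena's real schema: each attachment belongs to a
# topic, and the topic has an access level (0 = guests allowed, 1 = registered only).
SAMPLE_ATTACHMENTS = [
    (1, "photo.jpg", 1),
    (2, "notes.txt", 0),
]
HEX = set("0123456789abcdef")


def open_db():
    """Build an in-memory table; each row also gets a random 32-hex download token."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE attachment (id INTEGER PRIMARY KEY, filename TEXT,"
               " topic_access INTEGER, token TEXT UNIQUE)")
    for aid, name, access in SAMPLE_ATTACHMENTS:
        db.execute("INSERT INTO attachment VALUES (?, ?, ?, ?)",
                   (aid, name, access, secrets.token_hex(16)))
    return db


def token_for(db, aid):
    """Return the unguessable token for an attachment id (used to build token URLs)."""
    return db.execute("SELECT token FROM attachment WHERE id = ?", (aid,)).fetchone()[0]


def lookup(db, ref):
    """Resolve /attachment/<ref> by numeric id or by 32-hex token.
    The value is validated first and then bound as a parameter, so it is never
    spliced into the SQL text; anything else is rejected before touching the database."""
    if ref.isdigit():
        where, arg = "WHERE id = ?", int(ref)
    elif len(ref) == 32 and set(ref) <= HEX:
        where, arg = "WHERE token = ?", ref
    else:
        return None
    return db.execute("SELECT filename, topic_access FROM attachment " + where, (arg,)).fetchone()


def serve_attachment(db, ref, user_level):
    """Return the filename the requester may download, or None.
    Authorisation is decided per request from the topic's access level, so the
    outcome is the same whether the URL carries a sequential id or a token: the
    token only stops guessing, the access check is what protects the file."""
    row = lookup(db, ref)
    if row is None:
        return None
    filename, topic_access = row
    return filename if user_level >= topic_access else None
```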

