×
Kunena 5.1 Beta 1 Released (05 Oct 2017)

The Kunena team is pleased to announce Kunena 5.1.0 Beta 1 [K 5.1 Beta 1].
Please read the blog post for information: www.kunena.org/blog/188-kunena-5-1-beta-released

×

Please Read This First:


This category is only for reporting defects with K 3.0.

Do not use this category:
  • to ask general questions about how to use K 3.0 or to ask when new versions of Kunena will be released;
  • to ask about other (older) versions of Kunena; or
  • if you have tried to install K 3.0 on J! 1.5; or
  • if you installed K 3.0 on a live, production site and you want your site restored to its previous state; or
  • if this website ( www.kunena.org ) works but works differently to how you expected.

You must include your K 3.0 configuration report; if you do not include your configuration report, your topic may be closed (locked) or deleted without any further warnings from the moderators.

Topics that have been closed (resolved) will be archived and no further discussion on those topics will be allowed.

Question SQL Injection Vulnerability (false alarm)

More
2 years 7 months ago - 2 years 7 months ago #1 by clickprecision
clickprecision created the topic: SQL Injection Vulnerability (false alarm)
I get scanned from McAfee Secure and they picked up on this vulnerability:

This message contains confidential information


Many thanks
Last Edit: 2 years 7 months ago by Matias.

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #2 by 810
810 replied the topic: SQL Injection Vulnerability
could you add the kunena report.

Your feedback on the JED helps us improve Kunena!

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #3 by clickprecision
clickprecision replied the topic: SQL Injection Vulnerability

This message contains confidential information

Database collation check: The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Disabled |

This message contains confidential information
htaccess: Exists | PHP environment: Max execution time: 180 seconds | Max execution memory: 64M | Max file upload: 20M

Kunena menu details:

Warning: Spoiler! [ Click to expand ]

Joomla default template details : theme3022 | author: TemplateMonster.com | version: 3.0 | creationdate: Unknown

Kunena default template details : Custom | author: TemplateMonster | version: 3.0.6 | creationdate: 2014-02-26

Kunena version detailed: Kunena 3.0.6 | 2014-07-28 [ Tala ]
| Kunena detailed configuration:

Warning: Spoiler! [ Click to expand ]
| Kunena integration settings:
Warning: Spoiler! [ Click to expand ]
| Joomla! detailed language files installed:
Warning: Spoiler! [ Click to expand ]

Third-party components: None

Third-party SEF components: None

Plugins: None

Modules: None

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #4 by 810
810 replied the topic: SQL Injection Vulnerability
Look at you kunena template components\com_kunena\template\your_template\html\user\list.php

And look that the inputs are $this->escape. Then you will be fine.

You can use the default kunena template, and do a scan again.

Your feedback on the JED helps us improve Kunena!

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago - 2 years 7 months ago #5 by clickprecision
clickprecision replied the topic: SQL Injection Vulnerability
Thank you for your help, however that did not seem to fix the issue. Example:


This message contains confidential information
Last Edit: 2 years 7 months ago by 810.
The following user(s) said Thank You: xillibit

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #6 by 810
810 replied the topic: SQL Injection Vulnerability
thank you for your report, we will fix this issue

Your feedback on the JED helps us improve Kunena!
The following user(s) said Thank You: clickprecision

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #7 by 810
810 replied the topic: SQL Injection Vulnerability
fyi, this is no sql injection, but the filter get a unknown input and breaks. we will have the fix included in the next version.

Your feedback on the JED helps us improve Kunena!

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #8 by clickprecision
clickprecision replied the topic: SQL Injection Vulnerability
Thank you for your help. I know this is not usual visitor behavior and since there is no system compromise, the issue is small. Good to keep McAfee alarms down though.

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #9 by Matias
Matias replied the topic: SQL Injection Vulnerability (false alarm)
I personally reviewed the code and there is no SQL injection vulnerability, but there is fatal error because of the illegal input caused a value to become NULL instead of array, which was expected by a function.

There is an easy fix for this; just return on bad input instead of continuing..

No, I'm not reading my private messages. Please use forum to get support and email for private matters.
Reviews on the Joomla Extension Directory are always appreciated.
The following user(s) said Thank You: ChaosHead

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Time to create page: 0.384 seconds