

TOPIC: AlphaRegistration in Vulnerable Extensions

AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16489

  • Alistair
  • Junior Boarder
AlphaRegistration in VULNERABLE EXTENSIONS:
docs.joomla.org/Vulnerable_Extensions_List#alpharegistration

Where is the update?

Re: AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16493

  • nag_sunny
  • Fresh Boarder
DELETED CODE - FOR SECURITY REASONS. SEND ME PM SO THAT I CAN SEND YOU FIXES.

There are multiple issues in multiple files. I have found 4 so far. Guys, I strongly suggest uninstalling the component until all issues are resolved.
http://www.corejoomla.com - Community Polls, Article Suggestions and more.
Last Edit: 2 years, 8 months ago by nag_sunny.

Re: AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16498

  • nag_sunny
  • Fresh Boarder
The latest version just released does not fix the issue.

Bernard, please let me know if you need any assistance in fixing the issue. This could become a serious issue for most people if it does not get fixed immediately.

Re: AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16504

  • Bernard
  • Administrator
Can you explain to me why the latest release does not fix all issues?
The VEL team has not yet removed the component from the list, but AlphaRegistration was republished yesterday on JED.
More components on this site are free but...
Ever thought about giving something back?
Please make a donation if you want to support its continued development. Your donations help buy hardware, hosting services and other expenses.
Last Edit: 2 years, 8 months ago by Bernard.

Re: AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16507

  • nag_sunny
  • Fresh Boarder
Here is your fixed code:
$couponcode = JRequest::getVar('couponcode', '', 'post');	

if($couponcode)
	{

	$db	   =& JFactory::getDBO();	
	$query = "SELECT id FROM #__alpha_userpoints_coupons WHERE `couponcode`='".trim($couponcode)."' LIMIT 1";


The above code still does not escape the input values properly. Here is the right code you need:
$couponcode = JRequest::getVar('couponcode', '', 'post');	

if($couponcode)
	{

	$db	   =& JFactory::getDBO();	
	$query = "SELECT id FROM #__alpha_userpoints_coupons WHERE `couponcode`='".$db->escape(trim($couponcode))."' LIMIT 1";

Trimming does not remove any malicious code. You need to escape any content before saving it to the database.

For example, the following input value for the coupon code will delete your entire database:
examplecoupon' AND 1=(delete FROM tabname);
http://www.corejoomla.com - Community Polls, Article Suggestions and more.
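
The difference between the two snippets in the post above, as an added example that is not code from the thread or from AlphaRegistration: the same coupon lookup built with trim() only, with escaping, and with a bound parameter. It assumes PHP with the pdo_sqlite extension; the table, the coupon value and the function names are constructed, and PDO with in-memory SQLite stands in for Joomla's database object.

```php
<?php
// Added example, not AlphaRegistration or Joomla code. The table, coupon value
// and helper names are constructed; PDO with in-memory SQLite stands in for
// Joomla's database object so the script runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE coupons (id INTEGER PRIMARY KEY, couponcode TEXT)");
$pdo->exec("INSERT INTO coupons (couponcode) VALUES ('SPRING-2010')");

// First snippet's pattern: trim() only, then concatenation into the SQL text.
function sqlTrimOnly(PDO $pdo, string $code): string {
    return "SELECT id FROM coupons WHERE couponcode='" . trim($code) . "' LIMIT 1";
}

// Second snippet's pattern: escape, then concatenate. PDO::quote() escapes the
// value and adds the surrounding quotes itself.
function sqlEscaped(PDO $pdo, string $code): string {
    return "SELECT id FROM coupons WHERE couponcode=" . $pdo->quote(trim($code)) . " LIMIT 1";
}

// Run a concatenated statement and report how the database treated the input.
// An exception here means the quote in the input ended the string literal and
// the remainder reached the SQL parser.
function outcome(PDO $pdo, string $sql): string {
    try {
        $ids = $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
        return $ids ? 'match' : 'no match';
    } catch (PDOException $e) {
        return 'input parsed as SQL (statement rejected)';
    }
}

// Bound parameter: the value is sent separately and is never part of the SQL text.
function outcomeBound(PDO $pdo, string $code): string {
    $stmt = $pdo->prepare("SELECT id FROM coupons WHERE couponcode = :code LIMIT 1");
    $stmt->execute([':code' => trim($code)]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN) ? 'match' : 'no match';
}

$inputs = [
    'SPRING-2010',                                  // valid coupon
    'NOPE',                                         // unknown coupon
    "examplecoupon' AND 1=(delete FROM tabname);",  // value quoted in the post
];
foreach ($inputs as $code) {
    echo $code, "\n";
    echo "  trim only: ", outcome($pdo, sqlTrimOnly($pdo, $code)), "\n";
    echo "  escaped:   ", outcome($pdo, sqlEscaped($pdo, $code)), "\n";
    echo "  bound:     ", outcomeBound($pdo, $code), "\n";
}
```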

Re: AlphaRegistration in Vulnerable Extensions 2 years, 8 months ago #16508

  • Bernard
  • Administrator
No need to remove any malicious code in the SQL query: it's already cleaned beforehand on get var by

$couponcode = JRequest::getVar('couponcode', '', 'post');


No need to override the code...