Web Wiz - Green Windows Web Hosting - Celebrating 25 Years!
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - Whats new in 7.91?
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Whats new in 7.91?
 Post Reply Post Reply Page  <123
Author
  Topic Search Topic Search  Topic Options Topic Options
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 10 June 2005 at 5:05pm
This site has nothing to do with the URL you have posted so I can't see how or why you would get that line unless you have modified the files.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
pjb007 View Drop Down
Groupie
Groupie


Joined: 03 September 2004
Location: United Kingdom
Status: Offline
Points: 185 		Post Options Post Options   Thanks (0) Thanks(0)   Quote pjb007 Quote  Post ReplyReply Direct Link To This Post Posted: 15 June 2005 at 11:54am
Sorry to post this again but I downloaded all of the software when I read about the update and uploaded everything, the forum is working but says version 9.7, when I click the 'Check for Updates' it tells me to download 9.71 as I uploaded all the files not just the changed file does this mean that my update has not worked?
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 15 June 2005 at 12:14pm
No, sorry it looks like I forgot to update the version number in the file 'admin/common.asp'
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
pjb007 View Drop Down
Groupie
Groupie


Joined: 03 September 2004
Location: United Kingdom
Status: Offline
Points: 185 		Post Options Post Options   Thanks (0) Thanks(0)   Quote pjb007 Quote  Post ReplyReply Direct Link To This Post Posted: 15 June 2005 at 12:19pm
Is it OK to change
 
'Intialise variables
Const strVersion = "7.9" to
 
'Intialise variables
Const strVersion = "7.91"
 
then
Back to Top
NeutralizeR View Drop Down
Newbie
Newbie


Joined: 14 December 2004
Location: Turkey
Status: Offline
Points: 35 		Post Options Post Options   Thanks (0) Thanks(0)   Quote NeutralizeR Quote  Post ReplyReply Direct Link To This Post Posted: 15 June 2005 at 3:22pm
Yes, it's enough...
 
Change them both in
 
admin\common.asp
 
&
 
common.asp files...
Back to Top
theSCIENTIST View Drop Down
Senior Member
Senior Member


Joined: 31 July 2003
Location: United Kingdom
Status: Offline
Points: 440 		Post Options Post Options   Thanks (0) Thanks(0)   Quote theSCIENTIST Quote  Post ReplyReply Direct Link To This Post Posted: 18 June 2005 at 3:06am
So what have they done?
Injection with the style tag?

That's the only line I see added in new (functions_filters.asp).

If you prefer not to talk about it, I understand, sometimes it's better that way.
:: www.mylittlehost.com
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 18 June 2005 at 4:41am
Basically browsers allow you to place CSS styles within a page just using:-

<style> CSS here </style>

The problem with this is that the CSS is not actually within HTML tags eg < > so is hard to filter.

Anyway, some annoying idiot discovered that you can use this to change the back ground image using CSS. This wouldn't be so bad, but the person who discovered this linked to a background image that said 'This forum has been hacked!!'.

So it's not really a major security problem and it's quite simple to just delete the post, the problem was it took me the best part of a day to work out how to prevent it without removing legitimate 'Style' tags for things like font colours etc.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
 Post Reply Post Reply Page  <123

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.