Web Wiz Forums v7.8 - security update
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=10247
Printed Date: 08 April 2026 at 5:01am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: Web Wiz Forums v7.8 - security update
Posted By: WebWiz-Bruce
Subject: Web Wiz Forums v7.8 - security update
Date Posted: 01 May 2004 at 8:58am
|
http://www.webwizforums.com/ - Web Wiz Forums version 7.8 has been released today and addresses some security problems with previous versions. If you are running an older version you should upgrade IMMEDIATELY. A report was received today at Web Wiz Guide detailing security bug issues relating to Web Wiz Forums 7.7a or below. In response to this I have spent most of the morning working on a new version of Web Wiz Forums, version 7.8, which has been released and fixes these security bugs as well as tightening up security in a number of other areas. If you are running a version of Web Wiz Forums prior to version 7.8, you should upgrade IMMEADIATLY, in order to keep your forum secure. http://www.webwizforums.com - Download Web Wiz Forums 7.8 http://www.zap2.me.uk/7.7a_to_7.8_path_files.zip - Download Web Wiz
Forums 7.7a to 7.8 security patch update file
IMMEIDATE UPDATE WARNING FOR PATCH FILE USERS
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Replies:
Posted By: MadDog
Date Posted: 01 May 2004 at 2:22pm
|
Thanks for the update. ------------- http://www.iportalx.net" rel="nofollow"> 
|
Posted By: kmacy
Date Posted: 01 May 2004 at 4:15pm
|
Borg, probably not a big deal but it looks like you might have made a change to the common.asp file as well. (Just based on the date of the file) ------------- Ken Macy |
Posted By: Eftie
Date Posted: 01 May 2004 at 4:57pm
|
Hej Borg, So I just did what jou said and what happens: ADODB.Recordset error '800a0cc1' Item cannot be found in the collection corresponding to the requested name or ordinal. /forum7/pop_up_topic_admin.asp, line 228 If I replace the old files : it works as a rocket! Using MsAccess version 7.7a with no problems. ------------- Eftie |
Posted By: weppos
Date Posted: 01 May 2004 at 4:59pm
|
There are some problems in pop_up_topic_admin.asp .
1. At line 228 the code looks for a field in the database that doesn't exist (probably the moderate field for 8.0 version).
I suggest to delete or comment code line. 2. At line 349 is required strTxtHideTopic variabile. I suggest to delete or comment code lines from line 348 to 351
3. At line 149 the same field is required. Delete or comment code line
|
Posted By: surround
Date Posted: 01 May 2004 at 8:13pm
|
Hello for all. First i want to congratulate to the author of this page and tools, you do a great work. I just install (copy) the new archives of version 7.8 and i have a error in other file named: login_users_test.asp Error de Microsoft VBScript en tiempo de ejecución error '800a000d' no match types: 'removeAllTags'
/login_user_test.asp, línea 88. May be this file need to be updated. Sorry for my english. |
Posted By: WebWiz-Bruce
Date Posted: 02 May 2004 at 8:48am
|
It's a bit hard to anwser these questions like this. If you have a support question, so that it can be answered properly please open a new topic and ALSO INCLUDE THE VESRION YOU ARE USING! eg Database type, lite of full version. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: WebWiz-Bruce
Date Posted: 02 May 2004 at 8:52am
|
The issue with pop_up_topic_admin.asp, the wrong file was placed in the zip file containing just the ammeded files. The patch zip file has been updated to include the correct file now, so just download the patch zip file again. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: WebWiz-Bruce
Date Posted: 02 May 2004 at 8:54am
The only thing changed in the common.asp file is the version number. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
kmacy wrote:Posted By: Semikolon
Date Posted: 02 May 2004 at 1:50pm
| may I ask what security holes there were before 7.8? or is it a secret? |
Posted By: Mart
Date Posted: 02 May 2004 at 3:01pm
| Borg, if I was you I wouldn't tell the exact security hole and how it can be manipulated but I would say what the security issue can do... |
Posted By: WebWiz-Bruce
Date Posted: 03 May 2004 at 5:01am
|
I can't really say as this would allow un patched forums to be hacked. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: WebWiz-Bruce
Date Posted: 03 May 2004 at 5:11am
|
IMMEIDATE UPDATE WARNING FOR PATCH FILE USERS!!! If you downloaded the patch file only (this does not effect the full 7.8 version) before the 3rd of May 10am GMT, then you need to re-download this zip file immediatly as an important file, in the rush to release this zip file, was left out. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: tj2004
Date Posted: 03 May 2004 at 12:13pm
|
Can we upgrade from (our current) version 7.01 to 7.8 without loosing any of our data? - or - Do you have a link to upgrade from 7.01 to 7.7?
Then we could install the security patch.
- TJ
|
Posted By: WebWiz-Bruce
Date Posted: 03 May 2004 at 1:14pm
|
You haven't said what database version you are running???? 7.01 is
about 10 versions behind and there are many new features and security
updates since then. If you are running the Access version just download the full version 7.8 and replace all the files except the database .mbd file. If you are running the MS SQL server version, then do the same as above, but you will also need to search this forum to find all the update posts on what Stored procedures need to be changed on the MS SQL Server. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: dazedconfused
Date Posted: 03 May 2004 at 7:18pm
|
In the admin menu, the admin_menu.asp still shows 7.7a - it calls "strVersion". I don't mind this too much now, but it can confuse me later as to what version I have installed. How do I update this? Thanks for the updates, boRg! It's good to have you back!
|
Posted By: WebWiz-Bruce
Date Posted: 04 May 2004 at 5:44am
|
It's held in the common.asp file.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: ask023
Date Posted: 06 May 2004 at 9:26am
|
Dear Bruce, I understand that you should not discoluse security bug details... Thank you in advance, |
Posted By: WebWiz-Bruce
Date Posted: 07 May 2004 at 3:16am
|
Sensitive data can be retrieved from the database and used by a hacker to gain access to your forum including the admin account. Also. If you are using the Access version then unless you have followed the install instructions to secure your access database then it can be downloaded and your forum comprimised. If using Access you should always follow the install intructions on the following page to secure your forum!!!:- http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp?mode=forum - http://www.webwiz.net/web_wiz_forums/docs_access_move_ db.asp?mode=forum ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: seabuggz
Date Posted: 09 May 2004 at 12:07pm
|
Just so you know, and this is a minor detail I know: after uploading the patch files (7.7a to 7.8) the "Powered by ... version 7.7a" doesn't change to " ... version 7.8". Other than that: haven't had any problems worth mentioning here. Great stuff!!! ------------- ..::. http://www.CIZE.de - www.CIZE.de * Modern Rock - Forum powered by Web Wiz apps. ..::. |
Posted By: WebWiz-Bruce
Date Posted: 09 May 2004 at 12:56pm
|
The version number is held in the common.asp files, you need to replace these files to update the version number.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: SKY2nd
Date Posted: 09 May 2004 at 2:53pm
|
Thanks -borg-, update patch worked with out a hitch. Also you might to let them know that there are 2 common.asp files. one is also in the admin folder. Other updates I have gotten I couldn't tell which file in which folder so I would just download the whole program and update that with my personal changes. |
Posted By: Matt270581
Date Posted: 11 May 2004 at 4:05am
|
Thanks -borg-. No probs with the patch from 7.7a to 7.8. Keep up the good work. |
Posted By: GoodLook
Date Posted: 11 May 2004 at 5:16am
|
Same here, i'm planning to translate 7.8 to Dutch(nederlands)
------------- Your Partner For Quality |
Posted By: WebWiz-Bruce
Date Posted: 11 May 2004 at 6:43am
|
If you look in the language_file.asp file any new varaiables are added
to the end under which version the new variables came in from. All you
neeed to do is copy and paste across these new varaiables and translate
them.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: BoLt
Date Posted: 11 May 2004 at 8:04am
|
Well done BoRg I have been using this patch from the date 1st released without problems. ------------- BoLt (Computer Engineer) I suffer from Dyslexia, it means I can not spell to well not that I am thick. www.welshlens.co.uk |
Posted By: webwiser
Date Posted: 17 May 2004 at 6:35am
|
|
Posted By: WebWiz-Bruce
Date Posted: 17 May 2004 at 7:30am
|
An aplpha release is a pre public release. The next version is currently being tested on this site as it is written. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: webwiser
Date Posted: 17 May 2004 at 4:09pm
|
Can any one please give me a step by step metod of upgrading from 7.01 to 7.8 . (using a mssqlserver) tanks ! |
Posted By: WebWiz-Bruce
Date Posted: 18 May 2004 at 3:23am
|
There are a number of changes to the stored procedures, you will have
to search the forum for old upgrade posts to find what stored
procedures need to be changed. Apart from that, the files just need to be over written by the new files in the forum. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: zadax
Date Posted: 19 May 2004 at 7:23am
| what about 7.5 to 7.8 ? can i use the patch ? it will work ? |
Posted By: WebWiz-Bruce
Date Posted: 19 May 2004 at 7:44am
|
No, as there have been other security and bug fixes between 7.5 and 7.8. There have been around 5 or 6 versions since 7.5 was released around 10 months ago. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: motorhead85021
Date Posted: 26 May 2004 at 6:17pm
|
Don't know if this has been posted already, but I can't unzip V7.8 It downloads fine, but when I double-click it (or right click), it says file-corrupted. I tried both UK and USA downloads.
|
Posted By: WebWiz-Bruce
Date Posted: 27 May 2004 at 1:54pm
|
Try using WinRAR or the built in un zip utility in Windows to unzip the file.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: whittibo
Date Posted: 31 May 2004 at 10:11pm
|
BoRg, I am running version 7.7 on MSSql, can I use the patch or do I have to switch over to 7.8? also, is there somewhere that I can sign up for important security information like this. I came here looking for something (funny that I can't even remember what that was now?!) but I found this.. thanks so much! ------------- Live and learn through trial and error ~ when all else fails, ASK! |
Posted By: WebWiz-Bruce
Date Posted: 01 June 2004 at 3:29am
|
The patch file will work on the MS SQL Server version. I'm hoping to have the new version of the mailing list finshed soon, as soon as this is done you will be able to signup to receive Newsletters and security information from the site or on the various applications. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: whittibo
Date Posted: 04 June 2004 at 8:57pm
|
Hello again! I downloaded the patch, switched the files over and now nobody can register because the security code images aren't coming up.. can you please advise what I should do.. thanks! ------------- Live and learn through trial and error ~ when all else fails, ASK! |
Posted By: WebWiz-Bruce
Date Posted: 05 June 2004 at 6:02am
|
Not sure what the problem is without knowing the exactt error. As this is off topic open a new topic on this with a link or an error message. Also check that your security code images are uploaded in the correct folder and that the file is not corrupted. If you are using an older version than 7.7a then you may need to download the full version and update all the files. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: LewisH
Date Posted: 12 June 2004 at 11:01pm
| Version 7.7a here. Which files do I need to update? |
Posted By: dj air
Date Posted: 13 June 2004 at 6:55pm
|
LewisH, all you have to do is download the patch, and upload the files in the patch zip. please search to make sure that the answer hasn't been given. saves posts. your question was answered on the first page of this topic by -boRg- he wrote http://www.zap2.me.uk/7.7a_to_7.8_path_files.zip - Download Web Wiz Forums 7.7a to 7.8 security patch update file so please research the question before posting |