Author Topic: SECURITY UPDATE for recent exploits (redirect when you access your forum)  (Read 10827 times)

Offline Daniel15

Recently, I was informed of an XSS problem in SMFShop. If you have been affected by this problem, your forum will redirect to another site when you visit it. This was caused by several items not correctly sanitising user-supplied input. To fix this problem, please replace the following files in your SMFShop installation's Sources/shop/items directory ASAP:
ChangeDisplayName.php
ChangeUserTitle.php
ChangeUsername.php
ChangeOtherTitle.php
(right-click each link, choose "Save Target As" or "Save Link As", save the files to your computer, and then upload them via FTP to your site)
If you are unable to do this immediately, please remove the said items from your shop to prevent your site from being exploited.

If you were exploited, please run the following queries in phpMyAdmin. This will set all users' display names back to their usernames:
SMF 1.1:
UPDATE smf_members SET realName = memberName
SMF 2.0:
UPDATE smf_members SET real_name = member_name
Alternatively you may try these queries, which should only change the names of users who abused the exploit:
SMF 1.1:
UPDATE smf_members SET realName = memberName WHERE realName LIKE "%<SCRIPT%"
SMF 2.0:
UPDATE smf_members SET real_name = member_name WHERE real_name LIKE "%<SCRIPT%"
Sorry about this, guys! When I get some free time, I (as well as others) will be going over SMFShop's code, looking for any similar problems. Because this is a project I do in my free time, I don't get much time to dedicate to it.

Thanks,
 - Daniel15
« Last Edit: November 25, 2007, 12:56:00 pm by Daniel15 »
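The root cause named in the post above is shop items storing a member-supplied value without encoding it, so the value is later rendered as HTML. The following is an added example, not SMFShop's own code or the patched files, showing the two defensive pieces an administrator would want: encoding the submitted value before it is stored, and a scan of the members table that flags rows still carrying markup (a more general check than the `LIKE "%<SCRIPT%"` queries in the post, since it also catches other tags and inline event handlers). It uses the SMF 2.0 column names quoted in the post; the `id_member` column, the `$db` mysqli connection and the 60-character length bound are assumptions.

```php
<?php
// Added example (not SMFShop's code). Column names smf_members.member_name /
// real_name are those quoted in the forum post for SMF 2.0; id_member, the
// $db connection and the length limit below are assumptions.

// Encode every HTML-significant character so the stored value can only ever
// render as text, never as markup, wherever SMF later echoes it.
function sanitise_display_name(string $raw): string
{
    $name = trim($raw);
    // Reject empty or overly long names outright (60 is an assumed bound;
    // SMF's real limit is not stated on the page).
    if ($name === '' || strlen($name) > 60) {
        throw new InvalidArgumentException('Invalid display name');
    }
    // ENT_QUOTES also encodes ' and ", so the value is safe inside attributes.
    return htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
}

// True if a stored name still contains raw markup that should have been
// encoded, i.e. a row that may have been written through the unpatched item.
// Covers common tags plus inline event handlers such as onerror=, not only
// the literal <SCRIPT the post's queries look for.
function looks_injected(string $stored): bool
{
    $pattern = '/<\s*\/?\s*(script|img|iframe|svg|object|embed|meta)\b|\bon\w+\s*=/i';
    return (bool) preg_match($pattern, $stored);
}

// Scan the members table and return the suspicious rows so an admin can
// review them before resetting names (SMF 1.1 installs would use the
// realName / memberName columns instead).
function find_injected_names(mysqli $db): array
{
    $hits = [];
    $result = $db->query('SELECT id_member, member_name, real_name FROM smf_members');
    while ($row = $result->fetch_assoc()) {
        if (looks_injected($row['real_name'])) {
            $hits[] = $row;
        }
    }
    return $hits;
}

// Usage sketch (connection parameters are placeholders):
// $db = new mysqli('localhost', 'DB_USER', 'DB_PASS', 'DB_NAME');
// foreach (find_injected_names($db) as $row) {
//     printf("%d %s: %s\n", $row['id_member'], $row['member_name'], $row['real_name']);
// }
```

Encoding at storage time, as shown, is the simplest fix for a mod that cannot control every place SMF prints the field; the more general practice is to store the raw value and encode at output, but that only works if every output path is known to do so.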

Offline adicrst

Did you update these files too in the shop download packet?

Offline brianjw

Well the simplest way to find that out is to check! ;)