My friends owns a site.
(rockhabbo.com)
and last night someone hacked out cutenews and habbo cpg.
cutenews via search.php and habbocpg via mysql injection
he left this message:
dunno if you got my msn messages matt but the news and events pages have I ****** this ***** *** system.. Big up to TheGrimz.NET ;] Wafers from Habbo UKE-mail: ** REMOVED **
0 CommentsPosted on 31 Jan 2008 by Squally posted on them!!!!
only us will know the email but if it happens to you.. Well theres your contact
Results 1 to 6 of 6
-
HabboCPG & Cutenews = Unsecure bigtime!
The Time Has Come...
-
-
This exploit has been known for some time now.
-
Should have payed attention to cutephp forums...
Coming and going...
Highers are getting the better of me
-
Quite easy?
Just remove search.php or get the latest patch.Code:dosearch=yes;files_arch[]=./data/users.db.php;title=$username
-
Hello,
The site was "hacked" through Cutenews (as earlier posts suggest, search.php).
If HabboCPG was compromised, it is likely due to harvested login information being the same as on HabboCPG.
We are constantly working to make HabboCPG a more secure, easier to use radio control panel, and would appreciate it if you could send us any server logs showing how you think HabboCPG was hacked; we will then check for security holes, and patch them up.
-Alex
Lineapp.net
Edited by H0BJ0B (Forum Moderator): Please do not bump threads.Last edited by H0BJ0B; 06-03-2008 at 11:46 PM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts