Orca scripts make Secunia.org

Nov 30, 2005

I can't say I'm too proud about it though :| Secunia.org is a security website which logs reports of security issues with scripts and programs. It seems my older scripts were vulnerable to a MySQL injection attack. This means that malicious users could painstakingly craft a special URI to make changes to the Orca Script MySQL tables, even deleting the tables altogether.

The possibility of it ever occuring is remote, although the potential for such things to happen still exist. So even though the reports just came out yesterday, I have posted fixed versions for all of the affected scripts today. This includes updates for the Forum, Blog, Knowledgebase and Ringmaker.

I strongly recommend you upgrade to the latest version if you are currently using one of the above four scripts.

This event got me thinking though. The Forum, Blog and Knowledgebase are my oldest scripts, and also the most primitive. And while I like building all of my own tools, perhaps the time has come to specialize on my two most favouritest (!!!) scripts, the Ringmaker and Search.

I may make myself another blog, but the Knowledgebase is well past its prime; really, I don't even use it on my site as the existing questions are all over a year old. So the advisories from secunia coming when they did, it is almost a final straw, so to speak. Perhaps it is time some scripts were put out of their misery. I don't have time to spend developing all five anymore.


Comments closed

Recent posts

  1. Customize Clipboard Content on Copy: Caveats Dec 2023
  2. Orcinus Site Search now available on Github Apr 2023
  3. Looking for Orca Search 3.0 Beta Testers! Apr 2023
  4. Simple Wheel / Tire Size Calculator Feb 2023
  5. Dr. Presto - Now with MUSIC! Jan 2023
  6. Archive