Orca scripts make Secunia.org
Nov 30, 2005I can't say I'm too proud about it though Secunia.org is a security website which logs reports of security issues with scripts and programs. It seems my older scripts were vulnerable to a MySQL injection attack. This means that malicious users could painstakingly craft a special URI to make changes to the Orca Script MySQL tables, even deleting the tables altogether.
The possibility of it ever occuring is remote, although the potential for such things to happen still exist. So even though the reports just came out yesterday, I have posted fixed versions for all of the affected scripts today. This includes updates for the Forum, Blog, Knowledgebase and Ringmaker.
I strongly recommend you upgrade to the latest version if you are currently using one of the above four scripts.
This event got me thinking though. The Forum, Blog and Knowledgebase are my oldest scripts, and also the most primitive. And while I like building all of my own tools, perhaps the time has come to specialize on my two most favouritest (!!!) scripts, the Ringmaker and Search.
I may make myself another blog, but the Knowledgebase is well past its prime; really, I don't even use it on my site as the existing questions are all over a year old. So the advisories from secunia coming when they did, it is almost a final straw, so to speak. Perhaps it is time some scripts were put out of their misery. I don't have time to spend developing all five anymore.
⇐ Orca Search 2.0b released | Forum, Blog and Knowledgebase discontinued ⇒ |