JEvents 1.5 (No longer actively supported)

Hack attempts

JEvents 2.0 was launched over 2 years ago and the latest stable version is version 2.2 which will run on Joomla 1.5 and Joomla 2.5. JEvents 1.5 is therefore no longer actively supported - you should upgrade to JEvents 2.2+ as soon as possible.
Forum rules
Please include as much detail in any test or bug reports for JEvents 1.5 as possible.

First of all, check if you are running the latest available version of Joomla! and JEvents. Posts for issues, where both systems are not updated, will be ignored.

We need the following at least:

* PHP version (e.g. 5.2.5). Note: Support for PHP4 is discontinued.
* Joomla! version
* JEvents version
* Web Server software (Apache or IIS with version number if possible)
* Server Operating system (e.g. Linux, Windows, Solaris, Darwin ...)
* Database version
* memory_limit from your phpinfo
* Web browser and version

Please enable error reporting and include any error messages in your posting. You do this via the Joomla Configuration - set "error reporting" to "maximum" on the Server tab.

Finally, please describe the steps required to recreate the problem and also please enable error reporting and give us any error messages generated.

Postby Doudar » Mon Jan 09, 2012 4:32 pm

After a recent site hack I have installed Admin Tools Pro across all my Joomla sites and have noticed it is picking up a lot of attempts aimed at JEvents, e.g.

http://www.domain.uk/index.php?option=com_jevents&task=icals.icalevent&template=component&evid=97&Itemid=22

These are classed as template= in URL attacks, not too sure what that means?

I am not too concerned at these attempts but does anyone know what they are trying to do by doing this?

I have the latest version of Joomla (1.5.25) and JEvents (2.0.11)

Regards

JohnD
Doudar
 
Posts: 5
Joined: Wed May 26, 2010 9:24 am

Postby Tonyp » Mon Jan 09, 2012 5:52 pm

They might be trying to use the XSS (Cross Site Scripting) security bug that was found in JEvents 1.5.5 and prior and iirc 2.0.10 and prior.

However, you are running 2.0.11 so safe :).

Regards
Tony
---------------------------------------
Feel free to PM me if you would like Custom Installs or Joomla! related work for a competitive quote.

Tonyp
Team Staff
 
Posts: 23793
Joined: Tue Oct 12, 2010 9:12 pm
Location: Isle of Man

Postby Geraint » Tue Jan 10, 2012 11:54 am

This is not a hack attempt - it is a typo in the code.

In the file components/com_jevents/libraries/jeventcal.php line 627 should read
$link = "index.php?option=".JEV_COM_COMPONENT."&task=icals.$task&tmpl=component&evid=".$this->id()
and not
$link = "index.php?option=".JEV_COM_COMPONENT."&task=icals.$task&template=component&evid=".$this->id()


Version 2.1.6 will incorporate this change.
JEvents Club members can get priority forum support at the Support Forum. As well as access to a variety of custom JEvents addons and benefits. Join the JEvents club today!
Geraint
 
Posts: 42837
Joined: Fri Feb 15, 2008 6:14 pm
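
An added example, not part of the original posts and not code from JEvents or Admin Tools: a Python triage of web-server access logs that separates the self-generated template=component links described in this thread from other template= requests that still deserve a look. The Apache combined log format, the label names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry: "GET /path?query HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(target):
    """Label one request target by how its template= parameter should be treated."""
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if "template" not in params:
        return "no-template-param"
    # Shape of the link jeventcal.php emits while the typo is unpatched:
    # option=com_jevents, task=icals.<name>, template=component, numeric evid.
    # Repeated parameters never match, so they fall through to "review".
    benign = (
        params.get("option") == ["com_jevents"]
        and len(params.get("task", [])) == 1
        and params["task"][0].startswith("icals.")
        and params["template"] == ["component"]
        and len(params.get("evid", [])) == 1
        and re.fullmatch(r"[0-9]+", params["evid"][0]) is not None
    )
    return "jevents-typo-link" if benign else "review"

def triage(log_lines):
    """Count classifications over access-log lines; unparsable lines are skipped."""
    counts = Counter()
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match:
            counts[classify(match.group(1))] += 1
    return counts

# Constructed sample log lines (documentation IP ranges, made-up timestamps and sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Jan/2012:16:02:11 +0000] "GET /index.php?option=com_jevents&task=icals.icalevent&template=component&evid=97&Itemid=22 HTTP/1.1" 403 512',
    '192.0.2.11 - - [09/Jan/2012:16:03:40 +0000] "GET /index.php?option=com_jevents&task=icals.icalevent&tmpl=component&evid=97&Itemid=22 HTTP/1.1" 200 2048',
    '198.51.100.7 - - [09/Jan/2012:16:05:02 +0000] "GET /index.php?option=com_content&template=unknown_name HTTP/1.1" 403 512',
    '198.51.100.7 - - [09/Jan/2012:16:05:09 +0000] "GET /index.php?option=com_jevents&task=icals.icalevent&template=component&template=other&evid=97 HTTP/1.1" 403 512',
]

if __name__ == "__main__":
    for label, n in sorted(triage(SAMPLE_LOG).items()):
        print(f"{label}: {n}")
```

Once the tmpl=component fix is in place, the jevents-typo-link count for new requests should fall towards zero apart from visitors following old cached or bookmarked links.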

