Closed TowerForte closed 3 years ago
Can you provide the URL to the vulnerability report on the OBB website? I have a developer who is ready to fix this for my installations. I will be happy to share the update with the community.
https://www.openbugbounty.org/reports/1628025/ we have till the 19 March 2021 04:25 GMT when the vulnerability is made public
Hmm, I wish I could see specifically what the vulnerability is they found -- but obviously I don't own that site.
There are no technical details provided. If it's something with the core script then it can be patched, but it's also possible it's an isolated issue with that users installation.
I suggest changing your admin folder names.
https://phpmydirectory.atlassian.net/wiki/spaces/PMDDOC/pages/10748067/Security+Tips?src=search
Then also adding htaccess password protection to the admin area:
A lot of web hosts have an easy way to do this from their control panels.
Open bug bounty has reported a vulnerability in the script
Barrie