WBCE CMS Forum

WBCE CMS – Way Better Content Editing.

You are not logged in.

#1 26.08.2015 22:59:07

norhei
Developer

Webadmin

The webadmin tool had some issues whith notices and deprecated warnings so i hopefully repaired all of them.

[ADMIN EDIT] florian: deleted attachment due to security reasons. See next post.

Last edited by florian (27.08.2015 03:12:40)

Offline

#2 27.08.2015 02:47:29

florian
Administrator

Re: Webadmin

Zur Klarstellung: Dies ist war KEIN Modul für WBCE.

ACHTUNG! GEFAHR! SICHERHEITSRISIKO!

Dieses Script ermöglicht den UNKONTROLLIERTEN ZUGANG zum Server-Dateisystem. JEDER BESUCHER, der die Adresse des Scripts kennt, könnte damit den Server manipulieren, Schadscripte hochladen oder alle Dateien auf dem Server löschen. Wer dieses Script benutzt, MUSS sicherstellen, dass NUR er und niemand sonst Zugriff darauf hat. Wer nicht weiß, wie das geht, DARF DIESES SCRIPT NICHT BENUTZEN!!!!!!!!!!!!!



For clearance: This is was not a WBCE module, but a standalone script.

WARNING! TO USE THIS SCRIPT IS A SECURITY RISK.

DO NOT just put it onto your server and leave it there as-is. ANY visitor could use it to manipulate your server, upload malicious files or delete the whole website. You HAVE to make sure that noone except you can access it. If you don't know how to do this, DON'T USE THIS SCRIPT!!!!!!!!!!!!!

Offline

#3 27.08.2015 09:30:58

norhei
Developer

Re: Webadmin

1. Webadmin tool is only in dev tool package.
2. The same warning applies to AFE .
3. All powerfull  tools are always potential security risks.
4. Simply remove this thread as its useless whithout DL, gives a bad feeling about security and looks ugly ;-)

Offline

#4 27.08.2015 09:35:27

florian
Administrator

Re: Webadmin

1) You had attached it here w/o further explanation
2) Correct, that's why it's not shipped anymore in the installer
3) Correct, but have a look f.ex. at onefilecms, it has afaik similar functions and is password protected (of course the user has to change password+username to make it secure)
4) The file was already downloaded from here, so I leave the thread because of the threat

Offline

#5 27.08.2015 09:49:44

norhei
Developer

Re: Webadmin

OK , At least anyone can see we care about Security ! smile

Offline

#6 27.08.2015 12:11:18

norhei
Developer

Re: Webadmin

Tested onefilecms and found its a nice solution.
Still prefer webadmin.
Php 4.1 ...runns on even really old stuff like some old embedded systems.
Plain html , no javascrip. Runns on realy old browsers, even on some text browsers.
No need to somehow hash a pw, notmany pepole will do anyway...
Upload, use, remove.
No session no cookies.
Personally i really think of adding some more features ...

Dont know why i love old stuff?

Last edited by norhei (27.08.2015 12:40:31)

Offline

Board footer

Powered by FluxBB

up