Security vulnerablilities (General)

by Doug, Canada, Saturday, August 23, 2008, 17:12 (5697 days ago)

I ran MLF on my website several years ago and removed it because a number of websites warned of security vulnerabilities (just do a Google search for "My Little Forum Security"), specifically SQL injections.

I would like to return to MLF-- it's fast and has the features I want in my forum without a lot of bloat-- but in researching the current version, I found a site listing the following vulnerabilities

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: crossite scripting, information leakage.

Have any of these vulnerabilities been addressed or will they be addressed in the near future? I would like to return to MLF, but I don't want to risk having my website hacked again.

locked
3016 views

Security vulnerablilities

by Jean-Pierre Norguet ⌂ @, Bruxelles, Wednesday, October 01, 2008, 12:45 (5658 days ago) @ Doug

I have a similar concern: I love MLF because it is so easy to post and I do not want to bother my users.

At the same time, if I find it easy, so will spammers! Still, I do not see much spam in the MLF online forum.

Do you clean up spams frequently and manually?

Jip

locked
2706 views

RSS Feed of thread