TOPIC: SECURITY ISSUE modcustomerswhobought_j1.5_v1.0.11

SECURITY ISSUE modcustomerswhobought_j1.5_v1.0.11 6 years 10 months ago #17138

Hi,

According to a programmer there is a security issue in the mod_customers_who_bought_j1.5_v1.0.11 module. The programmer tells me that in the JavaScript there are no escapes in the PHP code. Now he has changed the following in the module:

On line 250,251 & 252
typea:"<?php echo $type_analisis; ?>",
max_page:"<?php echo $count_product_pages; ?>",
product:"<?php echo $countproduct ?>",

CHANGED TO
typea:<?php echo json_encode($type_analisis); ?>,
max_page:<?php echo json_encode($count_product_pages); ?>,
product:<?php echo json_encode($countproduct); ?>,

On line 336,337 & 338
typea:"<?php echo $type_analisis; ?>",
max_page:"<?php echo $count_product_pages; ?>",
product:"<?php echo $countproduct ?>",

CHANGED TO
typea:<?php echo json_encode($type_analisis); ?>,
max_page:<?php echo json_encode($count_product_pages); ?>,
product:<?php echo json_encode($countproduct); ?>,

On line 390,391,392 & 393
itemid:"<?php echo $Itemid; ?>",
typea:"<?php echo $type_analisis; ?>",
page:"<?php echo $page; ?>",
flypage:"<?php echo $flypage; ?>",

CHANGED TO
itemid:<?php echo json_encode($Itemid); ?>,
typea:<?php echo json_encode($type_analisis); ?>,
page:<?php echo json_encode($page); ?>,
flypage:<?php echo json_encode($flypage); ?>,

On line 531 & 532
flypage: '<?php echo $flypage; ?>',
Itemid:'<?php echo $Itemid; ?>',

CHANGED TO
flypage:<?php echo json_encode($flypage); ?>,
Itemid:<?php echo json_encode($Itemid); ?>,

Can you please let me know if this is a security leak, and if it will work? (I haven't updated it yet because I need a second opinion.)

Looking forward to hearing from you!

Regards,

Henry
Last Edit: 6 years 10 months ago by Henry Peeters.

Re: SECURITY ISSUE modcustomerswhobought_j1.5_v1.0.11 6 years 10 months ago #17147

Maria, JoomPlace Team
Hello Henry,

The json_encode function returns a string displayed as JSON, i.e. in our case the function uses inverted commas for strings which are displayed by means of echo.
Frankly speaking, we don't quite see the difference as these strings are used with inverted commas anyway.

We did follow your advice, however, and implemented the necessary changes. Please note the issue does not have to do with a security leak.

The updated extension is already available in Members Area.
JoomPlace Support Team
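The difference between the two templates in the thread, shown as an added example; this is not code from the module or from either poster. It assumes, purely for illustration, that one of the echoed variables ($flypage here) can carry attacker-controlled input; the thread does not say where the module reads these values from. The helper functions renderUnescaped, renderEncoded and containsRawValue, and the sample values, are constructed for this example.

```php
<?php
// Added example: renders the "before" and "after" template variants from the
// forum post for one attacker-shaped value and shows what json_encode changes.

// Constructed sample values. $flypage is the one we treat as untrusted here;
// it is chosen to close the JS string literal and then the <script> element.
$countproduct  = 12;
$type_analisis = 'bought';
$flypage       = 'shop.flypage"; alert(document.cookie); //</script><script>';

// 1. Original template: the PHP value is echoed bare inside a quoted
//    JavaScript string literal, so a double quote in the value ends the literal.
function renderUnescaped($type, $count, $flypage)
{
    return 'var opts = {'
        . 'typea:"' . $type . '",'
        . 'product:"' . $count . '",'
        . 'flypage:"' . $flypage . '"};';
}

// 2. Patched template: json_encode emits its own quotes and escapes the
//    contents. The JSON_HEX_* flags (PHP >= 5.3) additionally encode < > & ' "
//    as \uXXXX so the value can never terminate an inline <script> block.
//    (Even without JSON_HEX_TAG, json_encode escapes "/" as "\/" by default,
//    which already breaks "</script>".)
function renderEncoded($type, $count, $flypage)
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    return 'var opts = {'
        . 'typea:' . json_encode($type, $flags) . ','
        . 'product:' . json_encode($count, $flags) . ','
        . 'flypage:' . json_encode($flypage, $flags) . '};';
}

// Simple reviewer check: does the generated script still contain the untrusted
// value byte-for-byte, or a raw closing script tag? Either means the value
// reached the page without being escaped for the JavaScript/HTML context.
function containsRawValue($js, $value)
{
    return strpos($js, $value) !== false || stripos($js, '</script>') !== false;
}

$before = renderUnescaped($type_analisis, $countproduct, $flypage);
$after  = renderEncoded($type_analisis, $countproduct, $flypage);

echo "Before:\n$before\n\n";
echo "After:\n$after\n\n";
printf("Untrusted value reaches script unescaped (before): %s\n",
    containsRawValue($before, $flypage) ? 'yes' : 'no');
printf("Untrusted value reaches script unescaped (after):  %s\n",
    containsRawValue($after, $flypage) ? 'yes' : 'no');
```

Run with `php example.php`. The "before" line comes out as `flypage:"shop.flypage"; alert(document.cookie); //</script><script>"};`, i.e. the value has closed the string literal and the script element; the "after" line keeps the whole value inside one literal as `"shop.flypage\u0022; alert(document.cookie); \/\/\u003C\/script\u003E\u003Cscript\u003E"`. Two practical caveats for anyone applying the same change: json_encode writes integers unquoted (`product:12` rather than `product:"12"`), which is why the surrounding quotes must be dropped in the template and why any strict `===` comparison against a string on the client side would now fail; and json_encode returns false on invalid UTF-8 input, which echoes as nothing and leaves a JavaScript syntax error rather than an injection, so on PHP 7.2 and later JSON_INVALID_UTF8_SUBSTITUTE is worth adding to the flags.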
