Backdoors on the system, insecure PHP versions and not updating, insecure Apache/nginx settings, FTP details being leaked, SQL details being leaked/hacked into/easy to guess, easy passwords for administrators on the software, and people downloading from unofficial sources where it has a weakness written into the code.
Fundamental issues. And actual vulnerabilities. MyBB, for instance, uses dated practices which create the possibility of a SQL Injection, but an actual SQL Injection would require someone making a mistake, for instance, forgetting to sanitise or cast a variable.
An actual vulnerability, on the other hand, is usually an oversight of some sort, sometimes due to a rushed programmer, one who doesn't understand a certain class of problems, or a complicated code-base making it difficult to reason about every possible line of execution.
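
The "forgot to cast a variable" mistake described above, next to the remembered cast and a bound parameter, as an added example that is not part of the original posts and is not MyBB code. It uses Python's `sqlite3` as a stand-in for PHP/MySQL; the `threads` table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: two public threads and one hidden one."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE threads (tid INTEGER, subject TEXT, visible INTEGER)")
    db.executemany(
        "INSERT INTO threads VALUES (?, ?, ?)",
        [(1, "Welcome", 1), (2, "Rules", 1), (3, "Staff only", 0)],
    )
    return db


def subjects_forgot_cast(db, tid):
    # The mistake: request input is pasted into the SQL text as-is, so the
    # input can change the structure of the WHERE clause.
    sql = "SELECT subject FROM threads WHERE visible = 1 AND tid = " + tid
    return [row[0] for row in db.execute(sql)]


def subjects_with_cast(db, tid):
    # Dated but safe, as long as nobody forgets it: force an integer first.
    try:
        tid = int(tid)
    except ValueError:
        return []
    sql = "SELECT subject FROM threads WHERE visible = 1 AND tid = " + str(tid)
    return [row[0] for row in db.execute(sql)]


def subjects_parameterised(db, tid):
    # Bound parameter: the value is never parsed as SQL, so a forgotten cast
    # cannot alter the query.
    sql = "SELECT subject FROM threads WHERE visible = 1 AND tid = ?"
    return [row[0] for row in db.execute(sql, (tid,))]


if __name__ == "__main__":
    db = make_db()
    crafted = "3 OR 1=1"  # constructed input that is not a plain integer
    for fn in (subjects_forgot_cast, subjects_with_cast, subjects_parameterised):
        print(fn.__name__, fn(db, "2"), fn(db, crafted))
```

With the cast approach every query in the code base has to remember the cast; with bound parameters a single forgotten cast no longer changes what the query does.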