ApolloCMS - PlusEMU - Boon Copy?

Joined
Nov 14, 2012
Messages
1
Reaction score
0
When I try to get into the client I get disconnected and it gives me that error. "you do not have permission to view this directory or page."

I would really appreciate help on this point. Thanks :)
 
Rogu3
Joined
May 11, 2012
Messages
933
Reaction score
508

"Not your average RevCMS rename"​
At least you admit that it's a RevCMS rename. Lmfaoo, not bad tho. I would add a housekeeping buddy. There's really no use in it otherwise. Even if you don't get the support, it's worth it. Somebody will thank you some day.
 


swe

Initiate Mage
Joined
Dec 24, 2016
Messages
64
Reaction score
6
At least you admit that it's a RevCMS rename. Lmfaoo, not bad tho. I would add a housekeeping buddy. There's really no use in it otherwise. Even if you don't get the support, it's worth it. Somebody will thank you some day.
Do you use this? ;)
 
Joined
Apr 24, 2013
Messages
1,678
Reaction score
1,114
Soo.. if it hasn't got a housekeeping, how exactly can you manage the content with this Content Management System?

Anyways..

There's a file called get_username.php in the root, which contains definitely exploitable code:

Code:
$ip = $_GET['ip']; // highlighted in the original post
$con = mysqli_connect("", "root", "", "");
// highlighted in the original post: the WHERE clause built from $ip
$q = mysqli_query($con, "SELECT `username` FROM `users` WHERE `ip_reg` = '" . $ip . "' OR `ip_last` = '" . $ip . "' ORDER BY id LIMIT 1");
$array = mysqli_fetch_assoc($q);
if ($array == null)
    exit('idk: ' . $ip);
echo $array['username']; // highlighted in the original post

It's vulnerable to both XSS and SQL injection.

If you are planning on using this "CMS", please remove this file.

Second stupid vulnerability:

application/base/classes/class.user.php

Code:
public function checkUser() {
    if (!$this->loggedIn()) {
        global $config;
        if ($config['website']['new_user_system_enabled'] && $_GET['url'] != 'new_user') {
            global $autoLoader;
            // highlighted in the original post: REMOTE_ADDR concatenated into the WHERE clause
            if ($autoLoader->getLibrary('database')->rowCount("SELECT * FROM `users` WHERE ip_last = '" . $_SERVER["REMOTE_ADDR"] . "' OR ip_reg = '" . $_SERVER["REMOTE_ADDR"] . "'") == 0) {
                if (!isset($_COOKIE['new_user_check_completed_0']) || $_COOKIE['new_user_check_completed_0'] != "yes") {
                    setcookie("new_user_check_completed_0", "yes", time() + (10 * 365 * 24 * 60 * 60));
                    header("location: ".$config['website']['link']."/new_user");
                    exit();
                }
            }
        }
    }
    else {
        $this->cacheUserInfo();
    }
}

Grabbing an IP address right from REMOTE_ADDR without escaping it is about the most stupid thing you can do. Since the creator probably wasn't aware of this, I bet this is done throughout the code.

More vulnerabilities in class.user.php

Code:
private function isBanned($checkValue) {
    global $autoLoader;
    // highlighted in the original post: $checkValue concatenated into the query
    return ($autoLoader->getLibrary('database')->rowCount("SELECT * FROM bans WHERE value = '" . $checkValue . "' AND expire >= '" . time() . "' ") > 0);
}

public function loggedIn() {
    return (isset($_SESSION['user']['id']));
}

public function getColumnForUser($column) {
    if (!$this->loggedIn() && $column != "id")
        return "NOT_LOGGED_IN";
    global $autoLoader;
    // highlighted in the original post: the session values concatenated into both WHERE clauses
    if ($column == "id")
        return $autoLoader->getLibrary('database')->getResult("SELECT `" . $column . "` FROM `users` WHERE `username` = '" . $_SESSION['user']['username'] . "'", $column);
    else
        return $autoLoader->getLibrary('database')->getResult("SELECT `" . $column . "` FROM `users` WHERE `id` = '" . $_SESSION['user']['id'] . "'", $column);
}

Here's the best one of all:

layouts/default/news.php

Code:
// highlighted in the original post: $_GET['ban'] concatenated into the WHERE clause
$getComments = $autoLoader->getLibrary('database')->query("SELECT * FROM `site_news_comments` WHERE `id` = '".$_GET['ban']."'");

Just so you know, these were the only files I checked, so this "CMS" is probably full of poop exploits.
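
Added example (not part of the post above and not code from the CMS): a hardened version of the get_username.php lookup, showing input validation, a bound parameter instead of string concatenation, and HTML encoding on output. It assumes PDO with an in-memory SQLite table as a stand-in for the MySQL `users` table so it runs without a database server; the function names and sample rows are made up for the illustration.

```php
<?php
declare(strict_types=1);

// Hardened take on the get_username.php lookup quoted above.
// Assumption: PDO + in-memory SQLite stands in for the MySQL `users` table.

function lookup_username(PDO $db, string $ip): ?string
{
    // 1. Reject anything that is not a syntactically valid IPv4/IPv6 address.
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return null;
    }
    // 2. Bind the value instead of concatenating it into the SQL text.
    $stmt = $db->prepare(
        'SELECT username FROM users
          WHERE ip_reg = :ip_reg OR ip_last = :ip_last
          ORDER BY id LIMIT 1'
    );
    $stmt->execute([':ip_reg' => $ip, ':ip_last' => $ip]);
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

function render(?string $username): string
{
    // 3. Encode on output; the request parameter is never echoed back.
    return $username === null
        ? 'not found'
        : htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample data, not taken from the CMS.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, ip_reg TEXT, ip_last TEXT)');
$db->exec("INSERT INTO users (username, ip_reg, ip_last) VALUES
    ('alice', '192.0.2.10', '192.0.2.11'),
    ('<b>bob</b>', '198.51.100.7', '198.51.100.7')");

// Constructed inputs: two valid addresses and two strings that are not addresses.
foreach (['192.0.2.11', '198.51.100.7', "x' OR '1'='1", '<script>'] as $ip) {
    printf("%-16s => %s\n", json_encode($ip), render(lookup_username($db, $ip)));
}
```

The same three steps apply to the other queries quoted in the post: bind every value that reaches SQL and encode every value that reaches HTML.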
 
Rogu3
Joined
May 11, 2012
Messages
933
Reaction score
508
Do you use this? ;)

No, I don't. I don't own any hotels currently, and I don't plan on starting any, any time soon.
@Gaby
Thanks for checking it out, if I get a chance, I'll try to skim through it and look for more. But I agree, it's likely that this CMS has many exploits. Unfortunately, most "PHP Developers" really don't know much about security and don't realize how easy it is to exploit their code.
 

swe

Initiate Mage
Joined
Dec 24, 2016
Messages
64
Reaction score
6
No, I don't. I don't own any hotels currently, and I don't plan on starting any, any time soon.
@Gaby
Thanks for checking it out, if I get a chance, I'll try to skim through it and look for more. But I agree, it's likely that this CMS has many exploits. Unfortunately, most "PHP Developers" really don't know much about security and don't realize how easy it is to exploit their code.
True. RevCMS is the best if recoded.
 
Initiate Mage
Joined
Nov 23, 2017
Messages
4
Reaction score
0
New link please. The old one doesn't work! Need this cms <3
 
Initiate Mage
Joined
Dec 25, 2015
Messages
51
Reaction score
1
Download link is not working. Please upload a new link.
 
Initiate Mage
Joined
Nov 23, 2017
Messages
4
Reaction score
0
Hello there. I love the CMS but I can't connect it to Comet. So can you do it for me? Please. I really love the CMS and I want to have it so much. Have a nice day
 
Initiate Mage
Joined
Feb 28, 2016
Messages
36
Reaction score
2
Hello there. I love the CMS but I can't connect it to Comet. So can you do it for me? Please. I really love the CMS and I want to have it so much. Have a nice day
If you've got the CMS, can you share it with us? The download link is broken and you'd help us a lot
 
Initiate Mage
Joined
Nov 23, 2017
Messages
4
Reaction score
0
Well yes, I have a CMS for Comet. But it is in Swedish!

If you've got the CMS, can you share it with us? The download link is broken and you'd help us a lot

Yes, I've got a CMS but it is in Swedish. And yes, it's for Comet!
 
Initiate Mage
Joined
Feb 28, 2016
Messages
36
Reaction score
2
Well yes, I have a CMS for Comet. But it is in Swedish!

Yes, I've got a CMS but it is in Swedish. And yes, it's for Comet!

Can you share it with us? Maybe we can help you make it compatible with Comet :D
 