IlluminaCMS Edit (Used on xenhotel.co)

[vLukeH]

@ Bow

Not trying to flame but yeah you did own xenHotel 2.0, but just because you got hacked, I helped Xenon out with this and he never got hacked once. Oh and you keep saying there's exploits everywhere yet you haven't actually shown one? If there are exploits then fair enough point them out, but I know Xenon and I helped with this CMS and I know that there are no deliberate exploits in the CMS, he's just contributing which some of you may use, some may not. Oh and I don't re-call this being the exact edit you used? Because I don't see any edits that you did on there such as I think you did a top stats when you previously owned? Forgive me if I'm wrong but this is the edit Dylann released of Matty's with Xenon's personal edits.

[Xen0nR]

@ Bow

Please explain to me and everyone where the exploits are then? As Luke said if you do find one then that's fair enough, this isn't the edit you did because this is Matty's edit.

I'm not a developer or anything, I'm just contributing something to the community.

Exploits.
Exploits.
Exploits.
Exploits.
Exploits.
Exploits.

JHEEZE aka Chris hacked into the HK when I had this edit and was running XenHotel.co. haha

Yeah, that's when you OWNED Xen, I wasn't even using your CMS edit.

[Stefan Jennings]

Nice edit.

[Bow]

@ Bow

Not trying to flame but yeah you did own xenHotel 2.0, but just because you got hacked, I helped Xenon out with this and he never got hacked once. Oh and you keep saying there's exploits everywhere yet you haven't actually shown one? If there are exploits then fair enough point them out, but I know Xenon and I helped with this CMS and I know that there are no deliberate exploits in the CMS, he's just contributing which some of you may use, some may not. Oh and I don't re-call this being the exact edit you used? Because I don't see any edits that you did on there such as I think you did a top stats when you previously owned? Forgive me if I'm wrong but this is the edit Dylann released of Matty's with Xenon's personal edits.

Lulz when xenon owned it, it was opened for 5 days peaked at 5 users. No shit it didn't get hacked... & I don't need to show you anything. I'd assume Chris just didn't magically rank himself and 3 others and mass spam credits on the hotel. Also, I did contribute to this community, go look at all my threads.

@ Bow

Please explain to me and everyone where the exploits are then? As Luke said if you do find one then that's fair enough, this isn't the edit you did because this is Matty's edit.

I'm not a developer or anything, I'm just contributing something to the community.



Yeah, that's when you OWNED Xen, I wasn't even using your CMS edit.

"Your CMS edit." You mean, the one Bren and Hayden gave you to use for the hotel as well as me? Compare our edits and the only difference is the images. lolz

ANYWAYS, xenHotel.co was nothing without me.. so...

[vLukeH]

Lulz when xenon owned it, it was opened for 5 days peaked at 5 users. No shit it didn't get hacked... & I don't need to show you anything. I'd assume Chris just didn't magically rank himself and 3 others and mass spam credits on the hotel. Also, I did contribute to this community, go look at all my threads.



"Your CMS edit." You mean, the one Bren and Hayden gave you to use for the hotel as well as me? lolz

Hmm I'm pretty sure he had over 20 users quite a few times so I'm sure somebody would of hacked during that time. And well if you're gonna say there's exploits you should probably say where. And I never said you didn't contribute to the community, I appreciate your contributions.

[Xen0nR]

Lulz when xenon owned it, it was opened for 5 days peaked at 5 users. No shit it didn't get hacked... & I don't need to show you anything. I'd assume Chris just didn't magically rank himself and 3 others and mass spam credits on the hotel. Also, I did contribute to this community, go look at all my threads.



"Your CMS edit." You mean, the one Bren and Hayden gave you to use for the hotel as well as me? lolz

Well, we was open for 1-2 week, which reached 20+ users daily and had 800+ registered users, but then I couldn't really be bothered owning a retro, then Bren offered me a job at Paradise so we re-directed Xen there. There's been a few people saying 'exploits' in the thread but I can't see anybody pointing out where? So why don't you find the 'exploits' and then we can put this to a fair point.

About the CMS, Bren didn't give me any kind of CMS. As said, Matty sent his, then I added more features.

Chris never touched Xen when I owned, guess there wasn't anything he could do really? As said, we checked for exploits and couldn't find any. But when you owned Xen it got hacked? Seems smart enough for you to say all this when you couldn't patch stuff yourself?

I'm still waiting for them 'exploits' you said, so please stop moaning and start showing.

[Bow]

Well, we was open for 1-2 week, which reached 20+ users daily and had 800+ registered users, but then I couldn't really be bothered owning a retro, then Bren offered me a job at Paradise so we re-directed Xen there. There's been a few people saying 'exploits' in the thread but I can't see anybody pointing out where? So why don't you find the 'exploits' and then we can put this to a fair point.

About the CMS, Bren didn't give me any kind of CMS. As said, Matty sent his, then I added more features.

Chris never touched Xen when I owned, guess there wasn't anything he could do really? As said, we checked for exploits and couldn't find any. But when you owned Xen it got hacked? Seems smart enough for you to say all this when you couldn't patch stuff yourself?

I'm still waiting for them 'exploits' you said, so please stop moaning and start showing.

I apologize if it's a different edit but ours are very similar, maybe just images and small features changed around. Regardless, Illumina is shitty in general. How would you expect me to patch something that I don't know what he did to accomplish the exploit abuse. You can even ask Bren yourself if the issue is you don't believe me that it was hacked. That's the reason why you got to own it.

[Xen0nR]

Like i said we looked for exploits, just you and others saying there's exploits which doesn't help without the fix.

[Bow]

Like i said we looked for exploits, just you and others saying there's exploits which doesn't help without the fix.

Fair enough. My apologies if I falsely accused you two.

[eckostylez]

EDIT: I dont know much about RFI Injection. Could someone check if admin/index.php is safe? $_GET['_page']

... Not sure if serious...

The XSS exploits are still contained in this CMS. It was demonstrated being used in the original topic. On the CMS author's site no less.

[KyleeIsProzZ]

It's easy to patch exploits,
unless you're a real noob.

[abrooksie123]

When i register my user does not show on the users table.

[Bow]

Not trying to start an argument, but there is an XSS motto exploit in which I know of. I don't know how to patch it, but I know it works. Basically, I can put in a alert script in my motto and it'll pop up on the community page.

[Jonteh]

Not trying to start an argument, but there is an XSS motto exploit in which I know of. I don't know how to patch it, but I know it works. Basically, I can put in a alert script in my motto and it'll pop up on the community page.

htmlentities()

... Not sure if serious...

The XSS exploits are still contained in this CMS. It was demonstrated being used in the original topic. On the CMS author's site no less.

They are indeed still there. Exactly why i've actually sat down and learned proper security techniques to implement in my new CMS. Illumina is poorly coded, though i'd still recommend it over other systems as long as the problems are patched.

[Delici0us]

htmlentities()



They are indeed still there. Exactly why i've actually sat down and learned proper security techniques to implement in my new CMS. Illumina is poorly coded, though i'd still recommend it over other systems as long as the problems are patched.

Believe that when I see it