Results 1 to 5 of 5
  1. #1
    Join Date
    Nov 2010
    Posts
    260

    Default [Security Fix] ClipBucket 2.6 SQL Injections fix (Updated)

    Some more SQL Injection vulnerabilities fixed, please download "CB SQL Injection Fix 11282012.zip" attached herewith this thread.

    Note: Previous fixes are included, so you can replace without any hesitation. Instructions are included in the zip file, and backing-up files before making any changes is always a good idea.

    Click here to download patch


    Special Thanks to
    High-Tech Bridge Security Research Lab
    https://www.htbridge.com/advisory/HTB23125

    For finding and helping us fixing the security issues.
    Thanks
    Clipbucket

  2. #2

    Default Re: [Security Fix] ClipBucket 2.6 SQL Injections fix (Updated)

    After the fix I'm getting "The page isn't redirecting properly" on special charters ( chinese ) videos in watch_video page. I use seo urls with nginx
    Code:
    mysite.com/video/25O5XGYSBORW/SDN48-%E4%BD%90%E6%B8%A1%E3%81%B8%E6%B8%A1%E3%82%8B

  3. #3

    Default Re: [Security Fix] ClipBucket 2.6 SQL Injections fix (Updated)

    Found fix, but I don't know is this secure.
    I replaced the old code
    Code:
    		//What we are getting
    		//$server_link = $_SERVER['REQUEST_URI'];
                  $server_link = urldecode($_SERVER['REQUEST_URI']);

  4. #4
    Join Date
    Jul 2010
    Location
    Sialkot,Pakistan
    Posts
    509

    Default Re: [Security Fix] ClipBucket 2.6 SQL Injections fix (Updated)

    If some one is facing redirecting problem then replace your watch_video.php with this.

    watch_video.zip

  5. #5

    Default Re: [Security Fix] ClipBucket 2.6 SQL Injections fix (Updated)

    Thank you @malikruman your fix work great

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [Security Fix] ClipBucket 2.6 SQL Injections fix
    By ArslanHassan in forum News & Announcements
    Replies: 4
    Last Post: 11-10-2012, 08:20 AM
  2. Clipbucket security
    By jan2 in forum General Discussion
    Replies: 6
    Last Post: 10-23-2011, 02:45 AM
  3. Clipbucket security et the development team
    By titanshift in forum General Discussion
    Replies: 2
    Last Post: 07-22-2011, 06:15 PM
  4. Simplicity Updated!!!
    By LukeDL in forum Template Contributions
    Replies: 10
    Last Post: 05-11-2011, 05:53 AM
  5. [PATCH] ClipBucket 2.0.6 Email Templates Patch for Updated Versions Only
    By ArslanHassan in forum News & Announcements
    Replies: 0
    Last Post: 04-06-2010, 04:32 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •