Pligg templates 9.9




















I am Brazilian XD. It looks kinda cool. Just open the css file that you are using and look for.

It wasn't a question, it was the answer for lipsmega. Thanks anyway, your template is great. I'll donate for your great work. All of the modules work great and it is very fast; the only problem I get is that I can't activate the image module. Di, I have installed the image module on this template a few times; if you need more help just send me an e-mail. How to put the header buttons (popular, upcoming, submit…) nearer to the title Silverbullet??

Does anyone have any input as to where to place the Google Analytics code within this template? I tried to place it in pligg. Is there an update for the latest release 1.

I tested it with 1. Sorry for the inconvenience. I have decided not to release the updated version of silverbullet until pligg 1.

Rc2 is rumored to come out sometime next week. I have Rc1 from Pligg so maybe you can already prepare before Rc2 comes out. Thank you for the information. I am not surprised with the issues you are having. I have a little problem using this template.

There are a number of vulnerabilities within Pligg that allow for remote file enumeration, file inclusion, cross-site scripting, and SQL injection.

When combined, these issues allow for remote code execution on the affected installation via arbitrary PHP code placed within template files once admin credentials are gained via SQL injection. An example can be found in user. If the "view" parameter is set to "search" then the "keyword" parameter can be influenced.

This is a result of unsanitized GPC variables being passed directly to Smarty via the assign function. Of course this can also be used to steal the cookie data as mentioned earlier in this advisory.

Arbitrary File Access: A number of file access issues exist in Pligg. They range from the less severe, such as arbitrary file enumeration, to the much more severe arbitrary file inclusion. A good example of the arbitrary file enumeration can be found in trackback. In addition to this issue, an attacker may also include arbitrary files via a malformed template request.

Both template and language data within Pligg are accepted via cookie input and are used in file handling operations with no sanitization. The vulnerable code in question can be found in config.
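The check that the cookie-driven template and language selection described above lacks, as an added example that is not Pligg's code. The function name `resolve_template_dir()`, the `templates/` directory layout, the cookie name and the sample values are assumptions; the same pattern applies to the language value.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not Pligg code): map a client-supplied template name
// to a directory under $baseDir, falling back to $default on anything odd.
function resolve_template_dir(string $baseDir, mixed $requested, string $default): string
{
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException('template base directory missing');
    }

    // Allowlist comes from what is installed on disk, never from the request.
    $installed = [];
    foreach (scandir($base) ?: [] as $entry) {
        if ($entry[0] !== '.' && is_dir($base . DIRECTORY_SEPARATOR . $entry)) {
            $installed[$entry] = true;
        }
    }

    // Accept only a short plain name (no separators, dots or NUL bytes) that
    // is also installed. Cookies can arrive as arrays, hence is_string().
    $name = $default;
    if (is_string($requested)
        && preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $requested) === 1
        && isset($installed[$requested])) {
        $name = $requested;
    }

    // Containment check after symlink resolution, as a second layer.
    $resolved = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($resolved === false
        || strncmp($resolved, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('template resolves outside base directory');
    }
    return $resolved;
}

// Constructed demo: a temporary tree with two template directories.
$root = sys_get_temp_dir() . '/tpl_demo_' . bin2hex(random_bytes(4));
mkdir("$root/templates/default", 0700, true);
mkdir("$root/templates/silverbullet", 0700, true);

// In an application the value would be e.g. $_COOKIE['template'] ?? null
// (cookie name assumed). The values below are constructed test inputs.
foreach (['silverbullet', '../../config', "default\0x", ['a'], null] as $value) {
    $dir = resolve_template_dir("$root/templates", $value, 'default');
    printf("%-20s => %s\n", json_encode($value), basename($dir));
}
```

Only the installed name `silverbullet` is honoured; every other input falls back to `default`, so the request never contributes a path component to a file operation.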


