Forum support

We provide good documentation for our free Joomla! extensions, including online documentation directly in the administration interface. If you need further individual help with our free Joomla! extensions, you can subscribe to our paid support forum. Please apply for the paid forum support here and log in with the user id of the user with whom you have purchased the forum support.

Forum Support is free as long as you have an active Visforms Subscription or an active Subscription for the Bootstrap Carousel. Please just log in with your subscription user id.

Read-only use of the forums is free for everybody.

Cloud-tool mySites.guru detects vistools and vfsubscription as hack

9 months 4 weeks ago #6441 by pwouda
Hi,

This week I have a subscription on mySites.guru, a tool that makes it easy to keep track of updates of multiple Joomla-sites.
It also checks if there are vulnerabilities in the code. There are three files from Visforms that are marked as vulnerable:
/administrator/components/com_visforms/controllers/vistools.php
/administrator/components/com_visforms/models/vistools.php
/administrator/manifests/packages/vfsubscription/script.php

See also:

Do you know about this vulnerability and is there a way for you to prevent this?

Best regards,
Peter

Peter Wouda
Noordoost.nl
www.noordoost.nl

9 months 4 weeks ago #6442 by Administrator
Hi Peter,

Thank you very much for providing this interesting information based on your test results!
The short test results list tells me that there is no hack and no vulnerability found in visForms at all.
This is good news, but also no unexpected news because we do have quite an IT security expert in our team!

Just to correctly quote your test results: The files are not 'marked as vulnerable' but marked as 'suspect content'.
You do realize that all the 5 listed suspected contents are simply about the naming of PHP code variables and functions?
It seems to me that they are all motivated by the harmless occurrence of the same literals, most likely 'redirectmail', which is basically what the code was written for.

Here is a tiny question to you:
Should I avoid having readable code in order to not get listed as 'Suspect Content' in any static code inspection tool there is?

As a matter of fact, visForms has never been on any vulnerable extensions list.
A static code analysis tool, which you have at your service now, is definitively part of any meaningful security tool stack.
But when it comes to real professional high-quality site security, there is nothing that can replace actual live site Penetration Testing (PT).

We do provide to our project customers individual Cyber Security Checks including the mentioned live site Penetration Tests, Page Speed Optimization, Page Diagnostic and General Optimizations.
In case you need any of these, just have a short look at our company web site (Home, About us) and feel free to contact us.

Best Regards,
Aicha

-- Visforms Developer --
Always consult our documentations before asking a question on our forum, the answer is most probably there. :)
Enjoy Joomla!

9 months 3 weeks ago #6445 by pwouda
Hi Aicha,
You are right about the 'suspect content'. Looking further in detail, mySites.guru marks every base64_decode as suspect. Not only in your code, but also in Hikashop and other extensions.

I will contact MySites if there is a way for me to mark these files as 'safe'.
Thanks for the quick and accurate response!

Best regards,
Peter

Peter Wouda
Noordoost.nl
www.noordoost.nl
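
A scanner that marks every base64_decode call as suspect leaves the triage to the site owner: what matters is whether the decoded data reaches a place where it is executed or included. The Python sketch below is an added example, not part of the forum posts and not code from mySites.guru or Visforms; the function `triage`, the sink list and both PHP samples are constructed for illustration.

```python
import re

# Sinks where decoded data becomes code, a command or an included file.
SINK_RE = re.compile(r"(?<![\w>$:])(eval|assert|system|passthru|shell_exec|"
                     r"(?:include|require)(?:_once)?)\s*[($]")
CALL_RE = re.compile(r"\bbase64_decode\s*\(")
ASSIGN_RE = re.compile(r"(\$\w+)\s*=[^=;]*?\bbase64_decode\s*\(")

# Constructed PHP samples (not taken from any extension named in the thread).
SAMPLE_BENIGN = r"""<?php
$payload = base64_decode($input->getString('data'));
$fields = json_decode($payload, true);
echo htmlspecialchars($fields['name']);
"""
SAMPLE_SUSPECT = r"""<?php
eval(base64_decode($blob));
$c = base64_decode($blob);
$n = 1;
assert($c);
"""

def triage(php):
    """Return [(line, verdict, reason)], one per statement that decodes.

    Heuristic: splits on ';' and does not parse strings or comments, so it
    ranks findings for a human reviewer; it does not prove a file is safe."""
    findings, decoded_vars, offset = [], {}, 0
    for stmt in php.split(";"):
        call, sink = CALL_RE.search(stmt), SINK_RE.search(stmt)
        if call:
            line = php.count("\n", 0, offset + call.start()) + 1
            if sink and sink.start() < call.start():
                findings.append((line, "review", "decoded data passed to " + sink.group(1)))
            else:
                assigned = ASSIGN_RE.search(stmt)
                if assigned:  # remember the variable holding decoded data
                    decoded_vars[assigned.group(1)] = len(findings)
                findings.append((line, "info", "decode only, no sink in statement"))
        elif sink:
            for var, idx in decoded_vars.items():
                if re.search(re.escape(var) + r"\b", stmt[sink.end() - 1:]):
                    findings[idx] = (findings[idx][0], "review",
                                     var + " later reaches " + sink.group(1))
        offset += len(stmt) + 1
    return findings

if __name__ == "__main__":
    for name, src in (("benign", SAMPLE_BENIGN), ("suspect", SAMPLE_SUSPECT)):
        print(name, triage(src))
```

Findings ranked `info` are the kind a reviewer can usually whitelist after reading the surrounding code; `review` findings need a look at where the encoded data comes from.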
