Source code disclosure with in_anywhere mod

Various mods to change or add features.

Source code disclosure with in_anywhere mod

Postby DickTurpin » 2011-07-18 06:21 am

I have successfully installed Aardvark Top sites on my website and wanted to have the reciprocal link direct to my main site after all that is what a reciprocal link does point to a desired page. For this to work I installed the 'in anywhere' mod (version 1.0 according to the script). My problem is that I used website defender to scan my site for vulnerabilities and it's detected this mod as a Source code disclosure risk. The message displayed reads "Source code patterns were found on this page. The source code of server-side scripts helps an attacker to better understand the logic behind the Web application and may help him conduct further attacks."
Having looked this up further it's where a script can enable a hacker to utilize the script to uncover all sorts of information required to hack into other areas of the site even to log in to your site using the correct passwords etc.

I've disabled the mod and Aardvark as a precaution for now. Does anyone know how to plug this vulnerability?
I'm hoping that by mentioning this other websites may prevent any possible malicious attacks

Thanks in advance,

Dickturpin
DickTurpin
Newbie
 
Posts: 1
Joined: 2011-07-18 06:07 am

Return to Mods

Who is online

Users browsing this forum: No registered users and 2 guests

cron