Posted by: Admin
on Jul 15, 2009
Hanzo Host goes live!
We mentioned a little while ago that Hanzo Host was to morph from our previous identity that was Ninjahosting... this has now been completed!! The name-change has also given us a chance to revise our hosting plans and make them uber-competitive!!
Premium hosting with Hanzo Host juust entered a new age of efficiency and value-for-money"
Posted by: Admin
on Jan 30, 2009
Joomla Flash Magazine Deluxe Component "mag_id" SQL Injection vulnerabilities have been reported.
Solution:
Edit the source code to ensure that input is properly sanitised.
Posted by: Admin
on Jan 30, 2009
Some vulnerabilities have been discovered in VirtueMart, which can be exploited by malicious people and users to conduct SQL injection attacks.
Successful exploitation of several of the vulnerabilities requires VirtueMart administrative access.
These vulnerabilities are confirmed in version 1.1.2. Other versions may also be affected.
Solution:
Update to version 1.1.3
Posted by: Admin
on Jan 22, 2009
A vulnerability in the BazaarBuilder Shopping Cart component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks, has been reported.
Input passed via the "cid" parameter in index.php (when "option" is set to "com_prod" and "task" is set to "products") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Posted by: Admin
on Jan 17, 2009
The RD-Autos component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This affects RD-Autos 1 5.2; other versions may also be affected.
Posted by: Admin
on Jan 17, 2009
The 'com_fantasytournament' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitise user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Posted by: Admin
on Jan 16, 2009
Tagged in:
vulnerability ,
Update ,
security ,
News ,
installatron ,
installation ,
exploit ,
drupal ,
cms ,
auto-update ,
advisory
Ninja Hosting announces the immediate availability to its customers of the of Drupal 6.9 and Drupal 5.15, maintenance releases fixing problems reported using the bug tracking system, as well as critical security vulnerabilities.
Upgrading your existing Drupal 5 and 6 sites is strongly recommended. There are no new features in these releases.
Users can upgrade their Drupal installations using the Installatron script handler via their cPanel interface, under the "software" section. It is a simple, two-click process and will take less than a minute.
Posted by: Admin
on Jan 16, 2009
Chad Windnagle writes over at The Joomla Community Portal of his recent pain after a site of a client of his was hacked.
The short version of his story is that he was using a demo Joomla installation of his as a base template to quickly set up a new site, complete with his "must have" extensions. A new site he brought online was quickly hacked, let me quote a little of his post:
"I decided to contact my hosting company to ask them if they had been having server issues or something of that nature. “Hacked” came the word back from the help desk. How could I be hacked? The site wasn’t even live and it was unlike any other hack I had ever seen. My support technician razed me about upgrades. Upgrades? “Who has time for those?” I complained. I have over 100 Joomla! sites, 20 of which are running Joomla! 1.5 and I’m supposed to keep them all running the latest version? The answer is simple: “Yes”. "
Posted by: Admin
on Jan 15, 2009
Mentioning this for three reasons; to mention Ninja Theme, tell you about the competition and also because it involves Ninja Hosting (in a round-about sort of way)
Let Ninja Theme introduce it for themselves:
January 09 Competition - A Travel Site
Posted by: Admin
on Jan 13, 2009
Computer experts from more than 30 organizations worldwide have released a consensus list of the 25 most dangerous programming errors that lead to security breaches and that enable cyber espionage and cyber crime.
The impact of these errors is far reaching. Just two of them led to more than 1.5 million web site security breaches during 2008
Secure Hosting
