Joomla 5 Notice

We are pleased to announce that as of January 29, 2024, all of our Joomla extensions are compatible with Joomla 5.

For all who are still updateing from Joomla 3 to Joomla 4: Joomla 4 Migration instructions are available here:

There is now a separate Documentation for Visforms for Joomla 4 and for Visforms for Joomla 5!

Forum

Visforms Subscription user can ask questions in our forum. Please log in with the relevant user first.
Everybody can access the forum for reading.

Please only ask 1 question per topic.

Important information for almost every question:
V1: Which Visforms version is running?
V2: Which Joomla version is running?
V3: Which PHP version is running?

Cloud-tool mySites.guru detects vistools and vfsubscription as hack

  • pwouda
  • Topic Author
  • Offline
  • Enjoying Joomla!
More
5 years 3 days ago #6441 by pwouda
Hi,

This week I have a subscription on mySites.guru, a tool that makes it easy to keep track of updates of multiple Joomla-sites.
It also checks if there are vulnarabilitys in the code. There are three files form Visforms that are marked as vulnarable:
/administrator/components/com_visforms/controllers/vistools.php
/administrator/components/com_visforms/models/vistools.php
/administrator/manifests/packages/vfsubscription/script.php

See also:

Do you know about this vulnarability and is there a way for you to prevent this?

Best regards,
Peter

Peter Wouda
Noordoost.nl
www.noordoost.nl

More
5 years 1 day ago #6442 by Administrator AV
Hi Peter,

thank you very much for providing this interesting information based on your test results!
The short test results list tells me, that there is no hack and no vulnerability found in visForms at all.
This is good news, but also no unexpected news because we do have quite an IT security expert in our team!

Just to correctly quote your test results: The files are not 'marked as vulnerable' but marked as 'suspect content'.
You do realize that all the 5 listed suspected contents are simply about the naming of PHP code variables and functions?
It seems to me that they are all motivated by the harmless occurrence of the same literals most likely 'redirectmail', which is basically what the code was written for.

Here is a tiny question to you:
Should I avoid having readable Code in order to not get listed as 'Suspect Content' in any static code inspection tool there is?

As a matter of facts, visForms has never been on any vulnerable extensions list.
A static code analysis tool, which you have at your service now, is definitively part of any meaningful security tool stack.
But when it comes to real professional high-quality site security, there is nothing that can replace actual live site Penetration Testing (PT).

We do provide to our project customers individual Cyber Security Checks including the mentioned live site Penetration Tests, Page Speed Optimization, Page Diagnostic and General Optimizations.
In case you need any of these, just have a short look at our company web site (Home, About us) and feel free contacting us.

Best Regards,
Aicha

:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

  • pwouda
  • Topic Author
  • Offline
  • Enjoying Joomla!
More
4 years 11 months ago #6445 by pwouda
Hi Aicha,
You are right about the 'suspect content'. Looking further in detail Mysites.guru marks every base64_decode as suspect. Not only in your code, but also in Hikashop and other extensions.

I will contact MySites if there is a way for me to mark these files as 'save'.
Thanks for the quick and accurate response!

Best regards,
Peter

Peter Wouda
Noordoost.nl
www.noordoost.nl

Moderators: Administrator AVAdministrator IV
Powered by Kunena Forum