General discussion of OpenCATS

Moderators: RussH, cptr13

Forum rules: Just remember to play nicely once you walk through the door. You can disagree with us, or any other commenters in this forum, but keep comments directed to the topic at hand.
#5180
All

Be very careful as this application has a few holes that need to be closed to protect the information and stop the application from being compromised.

We found that they were using the site as a proxy and being able to still upload and execute files even with the .htaccess file changes as the system did not verify the file extension so they were able to upload .XML and .PHP files. these are automated servers running scripts.

we found the following site that Nicholas Ferreira has kindly provided a script to test the security on your site to make sure it has not been compromised as well as a fix to stop them from hacking your site. I would recommend everyone do this ASAP.

https://github.com/Nickguitar/RevCAT

he has a fix here

https://github.com/opencats/OpenCATS/co ... f15ed8ebe1

Path :- C:\xampp\htdocs\opencats\lib\Candidates.ph[…]

I'd have to check this as I don't have this option[…]

I didn't do any changes after installing opencats […]

Please help me show this