ColdBlooded Posted November 21, 2012 Share Posted November 21, 2012 Just recently, 2 vulnerable points were picked up on the MCCode engine free. - AdminCP feature: Edit a user profile was not working. - blacklist.php was exploitable. My enormous appreciation goes to this community for identifying and reporting these bugs. Code on! On the other note, 2 people suggested me to change the opensource license for this software to MIT. If we make MCC vFree MIT, we basically legalize anyone who distributes v1/v2/v2.5 source codes illegally as they'll just argue their code is a derivative of the MIT licensed MCCode Free. This license does not suit very well with the MCCodes engines. You can get the latest patched package from your client area. Thanks. Previous ver: 1.1.0 (alias: 1.1) Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted November 21, 2012 Share Posted November 21, 2012 Don't you know not to post something such as "blacklist.php was exploitable"? Rather just leave it out. Unless you don't know. A lot of script kiddie pricks roam this forum too, just out there to brag about "hacking" a simple game. jus sayin Quote Link to comment Share on other sites More sharing options...
Ishraq Posted November 21, 2012 Share Posted November 21, 2012 Don't you know not to post something such as "blacklist.php was exploitable"? Rather just leave it out. Unless you don't know. A lot of script kiddie pricks roam this forum too, just out there to brag about "hacking" a simple game. jus sayin hmmm. Mainly its to tell people what mccodes have fixed in that patch. But yes there are people who will read this post in a different way. But I would say the way CB posted it is better. It alerts people more. If this information goes into the wrong hands, then the owner of a game will next time remember to test his game before releasing and to look for patches. Quote Link to comment Share on other sites More sharing options...
Djkanna Posted November 21, 2012 Share Posted November 21, 2012 - blacklist.php was exploitable. You did exceptionally well at fixing this issue, didn't you? You may want to recheck your edits. Quote Link to comment Share on other sites More sharing options...
The Phantom Posted December 8, 2012 Share Posted December 8, 2012 Edit user still dont work cyberbank and bank. Quote Link to comment Share on other sites More sharing options...
ColdBlooded Posted December 14, 2012 Author Share Posted December 14, 2012 Edit user still dont work cyberbank and bank. This has now been patched. v1.1.0c has been pushed. Thanks for reporting it. Quote Link to comment Share on other sites More sharing options...
The Phantom Posted December 14, 2012 Share Posted December 14, 2012 Your welcome (: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.