1. Fabrik 3.9 has been released. If you have updated Joomla to 3.9, this is a required update.
    Dismiss Notice

How secure is Fabrik?

Discussion in 'Standard Support' started by tagger, Mar 30, 2019.

  1. tagger

    tagger Member

    Level: Standard
  2. troester

    troester Well-Known Member Staff Member

    Level: Community
    As far as I can see these expoloits are old stuff (some very old from Joomla1.5/Fabrik2.0).
    But I mentioned it to @cheesegrits to have a look.

    Surely if a site is running these outdated versions it's vulnerable and the hacks are working. But this is up to the admins.

    There are no "unusual searches" nowadays, all pages are scanned permanently...
     
  3. tagger

    tagger Member

    Level: Standard
    hm, Video is from a month ago....and exploits were posted Nov 2018, so quite recent...

    and when you see "inurl:index.php/component/fabrik" in search console together with some actual clicks....I find that quite unusual....
     
  4. troester

    troester Well-Known Member Staff Member

    Level: Community
    The posting is recent but I'm pretty sure the affected sites are not running recent Joomla and Fabrik (ajax filupload was fixed in 2017, Fabrik3.7 I think).
    But wait for @cheesegrits' estimation
     
  5. cheesegrits

    cheesegrits Support Gopher Staff Member

    Level: Community
    Yup, I've checked and that all looks like old exploits which have been fixed.
     
    sunnyjey likes this.

Share This Page