Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or RavenNuke(tm)?Need help customizing or designing scripts?Please contact us via the Contact Us option for further details and pricing.
SECUNIA ADVISORY ID: SA33184
VERIFY ADVISORY: http://secunia.com/advisories/33184/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access
SOFTWARE: Mozilla Firefox 2.0.x - http://secunia.com/advisories/product/12434/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. The vulnerabilities are reported in versions prior to 2.0.0.19.
Posted by Raven on Wednesday, December 17, 2008 @ 21:08:01 EST (821 reads) (Read More... | 4001 bytes more | Score: 0)
Mozilla Firefox 3 Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA33203
VERIFY ADVISORY: http://secunia.com/advisories/33203/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information
SOFTWARE: Mozilla Firefox 3.x - http://secunia.com/advisories/product/19089/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. The vulnerabilities are reported in versions prior to 3.0.5.
Posted by Raven on Wednesday, December 17, 2008 @ 21:00:55 EST (930 reads) (Read More... | 2355 bytes more | Score: 0)
SECUNIA ADVISORY ID: SA33165
VERIFY ADVISORY: http://secunia.com/advisories/33165/
CRITICAL: Moderately critical
IMPACT: Exposure of sensitive information
SOFTWARE: Nukedit 4.x - http://secunia.com/advisories/product/10231/
DESCRIPTION: Cyber.Zer0 has discovered a security issue in Nukedit, which can be exploited by malicious people to disclose sensitive information. This security issue is confirmed in version 4.9.8. Other versions may also be affected.
Posted by Raven on Wednesday, December 17, 2008 @ 15:17:36 EST (930 reads) (Read More... | 1184 bytes more | Score: 0)
Call Of Duty - World At War Clan PHPNuke Theme
trunks writes "PHP-Clans are proud to announce the release of the Call Of Duty - World at war phpnuke theme, for our gaming communities and clans alike. As promised we've included all the extras that we usually give to you! As well as a scrolling footer information, so you can easily place all the content you need in there!
We also have a large collection of clan themes in our store, why not check them out here. And get discounted clan web hosting with it here. If you don't see the theme you like here, why not request a phpnuke clan theme in our forumshere.
"
Posted by Raven on Tuesday, December 16, 2008 @ 00:06:25 EST (2221 reads) ( | Score: 0)
DESCRIPTION: Some vulnerabilities have been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks.
Posted by Raven on Monday, December 15, 2008 @ 21:21:18 EST (842 reads) (Read More... | 2473 bytes more | Score: 0)
Microsoft Anti-Cross Site Scripting Library V3.0 Beta
NB1 writes "The Microsoft Anti-Cross Site Scripting Library V3.0 (Anti-XSS V3.0) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks.
It differs from most encoding libraries in that it uses the white-listing technique -- sometimes referred to as the principle of inclusions -- to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: - An expanded white list that supports more languages - Performance improvements - Performance data sheets (in the online help) - Support for Shift_JIS encoding for mobile browsers - A sample application - Security Runtime Engine (SRE) HTTP module
SECUNIA ADVISORY ID: SA33169
VERIFY ADVISORY: http://secunia.com/advisories/33169/
CRITICAL: Highly critical
IMPACT: System access
SOFTWARE: RoundCube Webmail 0.x - http://secunia.com/advisories/product/19066/
DESCRIPTION: A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is confirmed in version 0.2-beta.
Posted by Raven on Monday, December 15, 2008 @ 12:40:01 EST (1787 reads) (Read More... | 1289 bytes more | Score: 0)
Many modules for you: see the many mods and get more code now!
Posted by Raven on Sunday, December 14, 2008 @ 16:32:00 EST (788 reads) ( | Score: 0)
Backup_Restore Utility
papamike writes "Some of you may know me for the themes I build but my career went way further than that. I'm a retired Network Engineer who for 33 years worked in just about every area of a computer center that you can thnk of. But I'm not here to talk about me, I'm here to pass along to you the information I gathered while I conducted a test of the Backup_Restore utility that I released just for RavenNuke(tm) that's used to backup and if needed to restore your sql tables and data information.
This week started out just like every other one. I'm an invalid suffering from a variety of medical conditions so I sit in my chair everyday and create things on my computer. I got this crazy idea that I wanted to test the Backup_Restore utility that I had worked on and released a couple of weeks back. So to satisfy my craving I decided to conduct a realtime intrusion/forced entry attack on my root account which has 7 SQL databases. The reason I did this was to test my Backup_Restore utility under actual conditions where the entire SQL is compromised and deleted.
Before I started I backed up all of the databases just the same way I do everyday using the Backup_Restore utility that I designed and modified for RavenNuke(tm). Next I entered my root account (simulated hack attack) and deleted the entire SQL installation. This effectively wiped out all of my databases.
I started to recover right away.
- I changed the root username and password
- Reinstalled MySQL.
- Used phpMyAdmin to recreate the databases, usernames and passwords
- Edited the Backup_Restore config file for each site by adding the new Db info I created earlier and uploaded them to each domain directory using FTP.
- Uploaded and installed the database tables and data.
Everything went smoothly and I was back online with no errors in just a few minutes. This was the ultimate method I could think of to fully test my Backup_Restore.utility and it passed with flying colors.
I am now working on a new release which will work even better than this first release.
I did discover an error a couple of days later that I will need to address in the next stable release. When you install your database using Backup_Restore you must make sure that all tables in your database are dropped. This is easy to do using phpMyAdmin. If you don't drop the tables and data the BigDump restore utility will render an error message and stop.
I think that everyone should get a copy of my utility and use it to backup your databases daily. It only takes a few seconds to run the backup utility and have the data e-mailed to you. Visit me at http://www.papamikecreations.net to get your copy today.
Thanks and Happy Holidays to everyone"
Posted by Raven on Friday, December 12, 2008 @ 10:54:11 EST (755 reads) ( | Score: 0)
Windows Services Optimizer
Southern writes "Disabling unnecessary Windows services can result in significant performance gains for production machines and virtual machines. This script helps you manage and share templates for services optimization.
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
