0
Today I don't know why I updated B2J contact. I am not using it anymore as it (after you guys made it a paid only plugin and didnt give any chance for us to see if paying got us some features which were missing) became a paid plugin.
My website got hacked once like a file was uploaded (a this file was hacked by "script kiddie" group) I suspected it was B2j since it had not been upgraded for a long time I just forgot to remove it.
So I uninstalled it.
Deleted the files.
Strangely today I see an update notification and it B2J was there. I just blindly click update buttons.
Then While I was updating It struck me I don't use it anymore and had removed it last month.
So as soon as it got updated I must have just spent 5 minutes on another window and then uninstalled the component.
But I guess it was too late.
Same thing happened but think time my index.php fiile was hacked and the hacked page was showing.
My hosting company disabled my website.
I cleaned the code got the website delisted and then removed B2J component.
Now its gone but I thought I should let you know.
Even after the update there is some vulnerability in B2J contact.
My website got hacked once like a file was uploaded (a this file was hacked by "script kiddie" group) I suspected it was B2j since it had not been upgraded for a long time I just forgot to remove it.
So I uninstalled it.
Deleted the files.
Strangely today I see an update notification and it B2J was there. I just blindly click update buttons.
Then While I was updating It struck me I don't use it anymore and had removed it last month.
So as soon as it got updated I must have just spent 5 minutes on another window and then uninstalled the component.
But I guess it was too late.
Same thing happened but think time my index.php fiile was hacked and the hacked page was showing.
My hosting company disabled my website.
I cleaned the code got the website delisted and then removed B2J component.
Now its gone but I thought I should let you know.
Even after the update there is some vulnerability in B2J contact.
Responses (5)
-
Accepted Answer
0Hello,
Thanks for letting us know.
Can you help us regarding finding the cause? I have 2 concerns.
#1 : When you have un-installed the component, then it should not show you to update, so might be component is not un-installed from your site.
#2 : In your log folder there will be a log file related with B2J Contact, can you please send it to our email [email protected] ?
Really appreciate it , if you can help us more. Looking forward to your reply. -
Accepted Answer
0#1 yes that is logical. But when I tried to uninstall the B2J from a localhost copy it left one of the installations on. I just wanted to get rid of it in my localhost so I didnt se which one it was and just uninstalled it.
If you got to manage extensions you will find 3 entries of B2J. So I am assuming same thing happened with my live site I didn't notice it.
#2 I have uninstalled it from my servers will the log still be there? I will check if its there and email you
BTW your notification email to the replies on this forum are going into spam on gmail -
Accepted Answer
-
Accepted Answer
0Hi ,
We have fixed issues in the extension already months ago and updated our customers to use the latest version.
Also provided the installable kit free of cost as it was a security release.
You can download that kit from the below link.
Download link : http://updates.codextrous.com/com_b2jcontact.2.1.16.zip
We do not provide free version anymore and highly recommend to subscribe it for regular updates and support.
Thank You
Team Codextrous -
Accepted Answer
Your Reply
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »