Hacking competition and CompojoomComment 4.1.7

Since the beginning of our small hacking competition, the http://hackme.compojoom.com page has received around 200 comments, all trying to inject malicious code and eventually win some cash and one of the 5 salvusalerting subscriptions that we are offering. Unfortunately, 6 of the comments did what they intended: they managed to exploit several XSS holes and found an LFI vulnerability. Those problems were all found by Jeff Channell, and right now he is going to get 200€ and 1 salvus subscription :).

As you know the competition will run till the end of August, so if you wish to steal a little bit of cash from Jeff, then dive in :)

This competition gave birth to CompojoomComment 4.1.5 (released last week) and 4.1.7 (released today). In 4.1.7 all reported vulnerabilities were fixed and I warmly advise everyone to upgrade!

I want to thank everyone for participating so far and for making CompojoomComment and the Joomla world a little bit more secure! Thank you all!

P.S. What do you think - are we 3rd-party developers mature enough to organize a global Joomla hacking competition???
