zakaryafactory
Forum Replies Created
Viewing 2 replies - 1 through 2 (of 2 total)
Forum: Plugins
In reply to: [SAML Single Sign On – SSO Login] Criticial security issue
Hi,
I also encountered similar problems. All files in the module contain "special strings".
Here are the first lines of mo_saml_settings_page.php. Are you sure all this is normal? When one compares the files in production with the files in one of the archives of the module, one does not find all these strings at all.
```php
<?php
// Every string literal is written as \xHH / octal escapes; the decoded value is shown in a trailing comment.
include "\x6d\x6f\x2d\163\141\x6d\154\x2d\154\x69\143\145\x6e\163\145\x2d\160\141\x67\145\56\x70\x68\160";   // "mo-saml-license-page.php"
include "\155\157\x2d\x73\141\155\154\x2d\163\x75\x70\x70\x6f\x72\164\x2d\160\141\x67\x65\x2e\160\150\x70";   // "mo-saml-support-page.php"
include "\155\157\x2d\163\x61\155\x6c\55\x66\x61\x71\163\55\x70\x61\147\x65\x2e\x70\150\160";                 // "mo-saml-faqs-page.php"
include "\x6d\157\x2d\x73\x61\155\x6c\55\163\x65\x74\x75\160\x2d\151\x64\160\55\x70\x61\147\x65\56\x70\150\x70"; // "mo-saml-setup-idp-page.php"
function mo_register_saml_sso() {
    $zI = remove_query_arg("\x61\x63\164\151\157\x6e");                     // "action"
    $_SERVER["\122\x45\x51\x55\x45\123\124\137\x55\122\111"] = $zI;         // "REQUEST_URI"
    if (isset($_GET["\x74\141\142"])) { goto Zx; }                          // "tab"
    if (mo_saml_is_customer_registered_saml() && mo_saml_is_customer_license_key_verified() && mo_saml_is_sp_configured()) { goto mZ; }
    if (mo_saml_is_customer_registered_saml() && mo_saml_is_customer_license_key_verified()) { goto ce; }
    $wL = "\x6c\x6f\x67\x69\156";                                           // "login"
    goto zm;
    ce: $wL = "\143\x6f\x6e\x66\x69\147";                                   // "config"
    zm: goto C3;
    mZ: $wL = "\147\x65\156\145\162\x61\154";                               // "general"
    C3: goto wY;
    Zx: $wL = $_GET["\x74\141\x62"];                                        // "tab"
    wY: if (mo_saml_is_curl_installed()) { goto pB; }
    // Decodes to: "\r\n\t\t\t<p><font color=\"#FF0000\">(Warning: <a href=\"http://php.net/manual/en/curl.installation.php\" target=\"_blank\">PHP cURL extension</a> is not installed or disabled)</font></p>"
    echo "\15\xa\11\x9\x9\74\x70\x3e\74\146\x6f\x6e\164\40\x63\x6f\x6c\157\162\x3d\42\43\106\x46\60\60\60\x30\x22\76\x28\127\x61\x72\156\151\x6e\147\x3a\x20\74\x61\40\x68\162\x65\146\x3d\x22\150\x74\164\160\72\57\57\160\x68\x70\x2e\156\145\x74\x2f\155\141\156\165\x61\154\57\x65\156\57\143\165\x72\154\56\151\156\163\164\141\154\x6c\141\164\151\x6f\x6e\x2e\160\150\x70\x22\x20\x74\141\162\x67\145\164\x3d\x22\x5f\142\154\x61\x6e\153\42\76\x50\x48\120\x20\x63\x55\x52\114\x20\145\170\x74\x65\156\163\151\157\156\x3c\x2f\x61\x3e\x20\151\x73\40\156\157\x74\40\151\156\x73\164\141\x6c\154\145\x64\x20\157\162\40\x64\x69\163\141\142\154\x65\144\51\74\x2f\146\157\x6e\x74\x3e\74\57\160\76";
    pB: if (mo_saml_is_openssl_installed()) { goto BV; }
```
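A quick way to triage files like the one quoted above, as an added example that is not code from the plugin, from miniOrange, or from the poster: the script decodes the escape sequences PHP accepts inside double-quoted strings (\xHH, octal \ooo, \n and friends) back to readable text, rewrites a file with its literals decoded so it can be diffed against the copy shipped in the plugin archive, and reports two markers visible in the quoted code: the share of string literals written only as escapes, and the number of goto statements. SAMPLE is a constructed excerpt of the statements quoted in the post; the literal matcher is a regex heuristic rather than a PHP tokenizer, and the decoded output is a reading aid, not a drop-in replacement for the file.

```python
"""Decode escape-obfuscated PHP string literals and report obfuscation markers.
Added example; not code from the plugin or the forum post."""
import re

# Constructed sample: a few of the statements quoted in the post, copied as-is.
SAMPLE = (r'<?php include "\x6d\x6f\x2d\163\141\x6d\154\x2d\154\x69\143\145\x6e\163\145\x2d\160\141\x67\145\56\x70\x68\160"; '
          r'function mo_register_saml_sso() { $zI = remove_query_arg("\x61\x63\164\151\157\x6e"); '
          r'$_SERVER["\122\x45\x51\x55\x45\123\124\137\x55\122\111"] = $zI; '
          r'if (isset($_GET["\x74\141\142"])) { goto Zx; }')

# Escape sequences PHP recognises in a double-quoted string (\u{...} is left out here).
_ESCAPE = re.compile(r'\\(x[0-9A-Fa-f]{1,2}|[0-7]{1,3}|[nrtvef\\$"])')
_SIMPLE = {'n': '\n', 'r': '\r', 't': '\t', 'v': '\v', 'e': '\x1b', 'f': '\f',
           '\\': '\\', '$': '$', '"': '"'}
# Heuristic: double-quoted literal bodies with backslash escapes honoured. This does not
# understand comments, heredocs or single-quoted strings; PHP's own token_get_all() does.
_LITERAL = re.compile(r'"((?:\\.|[^"\\])*)"', re.S)
_GOTO = re.compile(r'\bgoto\s+\w+\s*;')


def decode_php_string(body: str) -> str:
    """Decode the escapes in the body of a PHP double-quoted string literal."""
    def repl(m):
        esc = m.group(1)
        if esc[0] == 'x':
            return chr(int(esc[1:], 16))
        if esc[0] in '01234567':
            return chr(int(esc, 8) & 0xFF)   # PHP keeps only the low byte of an octal escape
        return _SIMPLE[esc]
    return _ESCAPE.sub(repl, body)


def php_quote(s: str) -> str:
    """Re-emit s as a PHP double-quoted literal, escaping only what PHP requires.
    '$' is always escaped, so any interpolation in a clean literal becomes literal text;
    the output is meant for reading and diffing, not for execution."""
    out = []
    for ch in s:
        if ch in '\\"$':
            out.append('\\' + ch)
        elif ch == '\n':
            out.append('\\n')
        elif ch == '\r':
            out.append('\\r')
        elif ch == '\t':
            out.append('\\t')
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append('\\x%02x' % ord(ch))
        else:
            out.append(ch)
    return '"' + ''.join(out) + '"'


def deobfuscate(src: str) -> str:
    """Rewrite every double-quoted literal in src in readable form."""
    return _LITERAL.sub(lambda m: php_quote(decode_php_string(m.group(1))), src)


def obfuscation_report(src: str) -> dict:
    """Count literals written with hex/octal escapes and goto statements in src."""
    literals = _LITERAL.findall(src)
    escaped = sum(1 for body in literals
                  if any(e[0] in 'x01234567' for e in _ESCAPE.findall(body)))
    return {
        'literals': len(literals),
        'escaped_literals': escaped,
        'escaped_ratio': escaped / len(literals) if literals else 0.0,
        'gotos': len(_GOTO.findall(src)),
    }


if __name__ == '__main__':
    import sys
    src = open(sys.argv[1], encoding='utf-8', errors='replace').read() if len(sys.argv) > 1 else SAMPLE
    print(deobfuscate(src))
    print(obfuscation_report(src), file=sys.stderr)
```

Run it once against the production copy of a plugin file and once against the same file from the archive downloaded from wordpress.org, then diff the two decoded outputs; an escaped_ratio near 1.0 and a large goto count on one side only is the pattern the post describes. For anything beyond a first pass, tokenize with PHP itself (token_get_all) rather than the regex above.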
Hi @wysija,
This is really a shame. Your plugin is unusable in this state.
It does not respect the standards of confidentiality. We will have to turn to another solution.
Thanks for your feedback.