Nuxeo: Enterprise CMS Updates, New Products and A New Blog
CMSWire hasn’t talked a great deal about open source ECM provider Nuxeo lately, but that doesn’t mean they haven’t been hard at work enhancing their CMS solution and building new products — they have. In fact, we had an opportunity to see just what Nuxeo has been up to lately – new Digital Asset Management Product to name one thing – and where they are headed next year – dare we say the cloud?
Security Issues Plague Web CMS PHP Fusion
Security seems to be the topic of the day. With browsers rushing to release security hot fixes and CMS’s trying to keep their systems as secure as possible, the news from Web CMS PHP Fusion comes at a bad time. Yesterday, PHP Fusion announced that someone had hacked their site and changed the download link for PHP Fusion 7 to spendspace and it came as a .rar file.
While not a good scenario, the PHP 5-based (PHP 4-compatible) Web CMS developed by Nick Jones (also known as Digitanium) was quick to announce that anyone who had downloaded version 7 may have gotten a version that contained malicious files. Remember the issues Joomla! had in regards to the Harvard site being hacked? But again, transparency and quick notification can usually eliminate too much backlash from something like this.
So PHP Fusion made the announcement and let the community know. Everything seemed okay…until today. PHP Fusion’s site has now been suspended by their hosting provider. Suspicions are that it has been discontinued due to the security breach, which came as a result of a weak account that a hacker gained the password for and was allowed in as a super administrator.
What does this mean for PHP Fusion? No one is sure yet, but it makes us wonder about other possible security holes in various versions of the PHP Fusion — as in the case with any CMS provider who has its own site hacked to the point of getting it suspended.
There has been no news as to when (or if) the site will be available again. It’s possible that SourceForge (a supporter of PHP Fusion) will have an update in the event if PHP Fusion’s main site is still down. You can still download PHP Fusion version 7 at SourceForge. But you may want to wait until the dust settles, and it’s safe to click that download link.
Incoming search terms:
- Powered by PHP-Fusion leave a comment
- Powered by PHP Fusion
Latest Joomla Extentions – November 29, 2008
Yahoo! has recently simplified the code for its siteexplorer badge. This module has been originally developed by P.J. Swesey, from http://joomladigger.com Enjoy!
Gmapfinder CB Plugin
Allows you to set your coordinates on a Google Map. This is from the voodoowire.de original cb plugin. I modified it to work with the new GoogleMaps Multipage component and its new geocoder CB PLugin. Credits to the original creator: stiggi(at)voodoowire.de! Using this plugin makes your users to select their position on the cb pluginmap and to transmit coordinates to the geocoder plugin. The easy way for your users to get geocoded on your google map!
Incoming search terms:
- intitle:Powered by jDownloads Version 1 0
WordPress 2.6.5 release
WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release.
The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.