test

Reported Security Vulnerability in JA K2 Filter Component

Forums    Joomla Extensions Club    JA K2 Filter Component    Reported Security Vulnerability in JA K2 Filter Component

Tagged: 

Viewing 15 posts - 1 through 15 (of 18 total)
1 2
  • Author
    Posts
  • Arvind Chauhan Moderator
    October 20, 2016 at 7:51 am #978417

    Hi there,

    Yes, I saw that report earlier and the extension has been fixed for the same. We are releasing fixed version in the next few hours.

    We recommend to take backup and then upgrade.

    Regards

    Arvind

    shakiamuni Friend
    October 20, 2016 at 12:46 pm #978595

    Hi, after Component update, when I use Filter – Search result is null!

    manwlios Friend
    October 20, 2016 at 1:33 pm #978619

    shakiamuni wrote:

    Hi, after Component update, when I use Filter – Search result is null!

    Same here

    Milja Ligtermoet Friend
    October 20, 2016 at 2:36 pm #978646

    Here too.

    grantbroadcasters Friend
    October 21, 2016 at 4:39 am #978872

    We are also getting the ‘Search result is null!’ on our sites.

    grantbroadcasters Friend
    October 23, 2016 at 9:17 pm #979472

    Can we please have some update on when we can expect a fix for this as this is now affecting our business.

    Arvind Chauhan Moderator
    October 24, 2016 at 9:52 am #979653

    yes, I am getting it checked.

    Ninja Lead Moderator
    October 24, 2016 at 10:32 am #979682

    Hi,

    You can apply this hotfix :

    Open components/com_jak2filter/models/itemlist.php file

    around line 1355 find and change

    $sql .= " AND i.catid IN (".(implode(', ',$ja_cids)).")";

    to

    $sql .= " AND i.catid IN (".$db->quote(implode(', ',$ja_cids)).")";

    and find all script ".$db->quote($searchPattern)." and replace with ".stripslashes($db->quote($searchPattern))."

    Let me know if that fixes the issue.
    Regards

    shakiamuni Friend
    October 26, 2016 at 7:04 am #980487

    It did not help – Search result is null

    Can anyone fix this script?
    Very uncomfortable

    Ninja Lead Moderator
    October 26, 2016 at 7:14 am #980488

    @shakiamuni: you can provide the credentials of your site: URL, admin login and FTP account via private reply, I will help you out.

    shakiamuni Friend
    October 27, 2016 at 1:31 pm #981008
    This reply has been marked as private.
    Ninja Lead Moderator
    October 28, 2016 at 10:04 am #981437

    @shakiamuni: I spent more time to detect the problem on your site and you need to change max_input_time to 2000 from php.ini file on your hosting and you can edit the setting on JAK2 Extra fields Filter and Search module

    shakiamuni Friend
    November 3, 2016 at 1:43 pm #983172

    unfortunately, the same problem 🙁
    should I change max_input_time to more than 2000?

    Ninja Lead Moderator
    November 4, 2016 at 7:50 am #983337

    @shakiamuni: You can try to set max_input_vars to 2000

    shakiamuni Friend
    November 5, 2016 at 12:30 pm #983669

    enter image description here

    It doesn’t works.
    I use JA template, modules and plugins only.
    Could you explain what the problem?

  • Author
    Posts
Viewing 15 posts - 1 through 15 (of 18 total)
1 2

This topic contains 18 replies, has 6 voices, and was last updated by  Ninja Lead 8 years ago.

The topic ‘Reported Security Vulnerability in JA K2 Filter Component’ is closed to new replies.

Important Notice :

New Unified Portal is live

Must Read

Jump to forum

Categories