WebsiteBaker Community Forum

WebsiteBaker => Security Announcements => Topic started by: DarkViper on March 25, 2017, 04:04:57 PM

Title: Warning: SQL Injection vulnerability
Post by: DarkViper on March 25, 2017, 04:04:57 PM
!! Warning !! on Fri, 24 Mar 2017 we got this notification:
I have found multiple security vulnerabilities in WebsiteBaker CMS; therefore, I would like to inform you about these security vulnerabilities.
Vulnerability Type: SQL Injection
Risk Level: Critical
Marek Alakša
Ethical Hacker
Citadelo | Hackers On Your Side!
That SQL Injection vulnerability is present in all WB Versions including 2.10.0.
It allows privilege escalation as well as a complete overtaking of the whole database and the server possibly too.

WebsiteBaker 2.10.0:
*** We strongly recommend to exchange the files
as soon as possible.

Take care: All of the versions of WB are prone to attacks!! It is your own decision only to get a secure system!
You can get the new, fixed version of this file from our repository.
signup2.php (
signup.php (
or the download link below.

Downloads from any other sources are not official WebsiteBaker downloads and should be taken carefull. We can not promise a 'fault free' work for!

have fun with WebsiteBaker,