Comdev - Comdev OneAdmin Suite Let Hackers Destroy My Entire Server

Posted on Saturday, March 8th, 2008 at 7:49am CST by 7d3a991f

Product: OneAdmin Gallery

Company: Comdev

Location: No 1-2-13, Mayang Mall, Jalan Mayang Pasir 1, 11950 Bayan Baru, Penang, Malaysia
MY

URL: http://www.comdevweb.com/

Category: Other

I had the OneAdmin Photo Gallery software installed on my website. Apparently it contained many security flaws which allowed hackers to execute malicious code on any server that the Photo Gallery software was installed on. So hackers had done this on our server, destroying dozens of websites in the process. So I emailed Comdev regarding the security issues. They told me to upgrade to a version which they said fixes the security issues which allowed the hackers to compromise my server. So I followed their instructions and found out that they want me to pay for an upgrade license in order to apply a patch to fix a known and dangerous security issue. They are charging their customers to apply a patch which fixes a flaw caused by them. I find this to be absurd. Support email replies are also very slow.


3 Comments

35146748, 2008-06-07, 02:46PM CDT

Yes - I have been hacked with OneAdmin many, many times. I will not use their swiss-cheese software ever again. It's awful.

1acaa639, 2008-06-10, 08:28PM CDT

Their News Publish just got hacked again. This allows the hacker to steal the admin password.

http://milw0rm.com/exploits/5362

4ff0ed59, 2008-11-16, 10:34PM CST

Why did you buy low quality software from a third-world country? Go to Hotscripts and shop for better ones.
