Beehive Forum: Difference between revisions
Content deleted Content added
m →top: Fixing links to disambiguation pages, replaced: open-source → open-source |
GoingBatty (talk | contribs) m →Security and vulnerabilities: Fixing links to disambiguation pages, replaced: Open Source software → open-source software |
||
| Line 28: | Line 28: | ||
==Security and vulnerabilities== |
==Security and vulnerabilities== |
||
In May 2007 Beehive Forum was selected as one of the most secure forums from a selection of 10 [[ |
In May 2007 Beehive Forum was selected as one of the most secure forums from a selection of 10 [[open-source software]] tested by Dragos Lungu Dot Com.<ref>[http://www.dragoslungu.com/2007/05/30/top-10-open-source-bulletin-boards-12-months-of-vulnerabilities Top 10 Open Source Forums - 12 Months of Vulnerabilities]</ref> |
||
On 28 November 2007 Nick Bennet and Robert Brown of [[Symantec Corporation]] discovered a security flaw related to Beehive's database input handling. The vulnerability could "allow a remote user to execute SQL injection attacks".<ref>[http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-014.txt Symantec Security Advisory YMSA-2007-014]</ref><ref>[http://www.securityfocus.com/bid/26492 Beehive Forum Post.PHP SQL Injection Vulnerability - SecurityFocus]</ref> The flaw affected all versions of the software up to 0.7.1. The Beehive Forum team responded very rapidly with a fix released, in the form of version 0.8 of the software, later that day.<ref>[http://sourceforge.net/forum/forum.php?forum_id=759274 Project Beehive Forum at Sourceforge.net] {{webarchive|url=https://web.archive.org/web/20090307050501/http://sourceforge.net/forum/forum.php?forum_id=759274 |date=2009-03-07 }}</ref> |
On 28 November 2007 Nick Bennet and Robert Brown of [[Symantec Corporation]] discovered a security flaw related to Beehive's database input handling. The vulnerability could "allow a remote user to execute SQL injection attacks".<ref>[http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-014.txt Symantec Security Advisory YMSA-2007-014]</ref><ref>[http://www.securityfocus.com/bid/26492 Beehive Forum Post.PHP SQL Injection Vulnerability - SecurityFocus]</ref> The flaw affected all versions of the software up to 0.7.1. The Beehive Forum team responded very rapidly with a fix released, in the form of version 0.8 of the software, later that day.<ref>[http://sourceforge.net/forum/forum.php?forum_id=759274 Project Beehive Forum at Sourceforge.net] {{webarchive|url=https://web.archive.org/web/20090307050501/http://sourceforge.net/forum/forum.php?forum_id=759274 |date=2009-03-07 }}</ref> |
||
Revision as of 04:50, 4 December 2018
 | |
| Stable release | 1.5.2
/ November 5, 2016 |
|---|---|
| Repository | BeehiveForum on GitHub |
| Operating system | Platform Independent |
| Platform | PHP/MySQL |
| Type | Internet forum software |
| License | GPL |
| Website | www |
Beehive Forum is a free and open-source forum system using the PHP scripting language and MySQL database software.
The main difference between Beehive and most other forum software is its frame-based interface, which lists discussion titles on the left and displays their contents on the right.
Features
Other features which differentiate Beehive from most forums include:
- Targeted replies to specific users and/or posts.
- Safe HTML posting (malicious code is stripped out), rather than BBCode, via WYSIWYG editor, helper toolbar, or manual typing.
- A relationship system, allowing users to ignore users and/or signatures that they dislike.
- Powerful forum-wide and per-user word filtering, including a regular expression option.
- A flexible polling system, allowing public or private ballot, grouped answers, and different result modes.
- A built-in "light mode" that allows basic forum access from PDAs and web-enabled mobilephones.
Beehive is used by the popular UK technology website The Inquirer on the Hermits Cave Message Board.[1][2]
Security and vulnerabilities
In May 2007 Beehive Forum was selected as one of the most secure forums from a selection of 10 open-source software tested by Dragos Lungu Dot Com.[3]
On 28 November 2007 Nick Bennet and Robert Brown of Symantec Corporation discovered a security flaw related to Beehive's database input handling. The vulnerability could "allow a remote user to execute SQL injection attacks".[4][5] The flaw affected all versions of the software up to 0.7.1. The Beehive Forum team responded very rapidly with a fix released, in the form of version 0.8 of the software, later that day.[6]
Reviews
See also
References
- ^ Hermits Cave
- ^ Last week in Hermit's Cave - The Inquirer
- ^ Top 10 Open Source Forums - 12 Months of Vulnerabilities
- ^ Symantec Security Advisory YMSA-2007-014
- ^ Beehive Forum Post.PHP SQL Injection Vulnerability - SecurityFocus
- ^ Project Beehive Forum at Sourceforge.net Archived 2009-03-07 at the Wayback Machine
External links
- Beehive Forum on SourceForge
- Beehive Forum Help Wiki by ManicGeek Tech Portal
- Beehive feature list on ForumMatrix.org comparison website