How secure is Fabrik?

[tagger]

Hi,
saw some unusual searches to my page an started investigating...

Found this Video on Yt....is this fixed?

and this:

https://packetstormsecurity.com/files/150512/Joomla-Fabrik-3.9-CSRF-LFI-Shell-Upload.html

If not, can we fix it?

I am worried..

 

[troester]

As far as I can see these expoloits are old stuff (some very old from Joomla1.5/Fabrik2.0).
But I mentioned it to @cheesegrits to have a look.

Surely if a site is running these outdated versions it's vulnerable and the hacks are working. But this is up to the admins.

some unusual searches to my page an started investigating.

There are no "unusual searches" nowadays, all pages are scanned permanently...

 

[tagger]

hm, Video is from a month ago....and exploits were posted Nov 2018, so quite recent...

and when you see "inurl:index.php/component/fabrik" in search console together with some actual clicks....I find that quite unusual....

 

[troester]

hm, Video is from a month ago....and exploits were posted Nov 2018, so quite recent...

The posting is recent but I'm pretty sure the affected sites are not running recent Joomla and Fabrik (ajax filupload was fixed in 2017, Fabrik3.7 I think).
But wait for @cheesegrits' estimation

 

[cheesegrits]

Yup, I've checked and that all looks like old exploits which have been fixed.