Yourls hacked. . Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1. Sleeky adds a public interface and overhauls the backend (admin) interface. css and javascript folders). Example: Sleeky is a minimal interface package for use with YOURLS, an open source URL shortener. This page details how you are supposed to edit your user/config. Sleeky is split into two parts - frontend and backend. With YOURLS, you have complete control over your links, detailed statistics, plugin support, and more, all wrapped in a free and open-source package. So, before crafting your SQL query, make sure there About YOURLS What is YOURLS YOURLS stands for Your Own URL Shortener. php (with a raw text editor such as Notepad) Explore the GitHub Discussions forum for YOURLS YOURLS. There's an ever growing Plugin List that may already feature what you're looking for. 7. See full list on yourls. Server configuration Apache What your . php (with a raw text editor such as Notepad) 📄️ Credentials How to use encrypted passwords in your config file. Installing and updating YOURLS is a simple task. Oct 9, 2017 · A couple months ago I started a project and wanted to use YOURLS in a MultiSite mode (like WordPress). Install In /user/plugins, create a new folder named qr-code In this new directory, create a blank file named plugin. 📄️ Private/Public In your config. Essentials Essentials 📄️ Configuration This page details how you are supposed to edit your user/config. Database queries This guide covers the proper way to query the database of a YOURLS setup. 📄️ Server configuration Apache 📄️ Upgrade When a new version is available, a notification is shown on the admin interface. Running your own URL shortener is fun, geeky and useful: you own your data and don't depend on third-party services. Implement your custom features in separate files that will be left untouched when you update YOURLS. Getting started Getting started 📄️ Installation Installing and updating YOURLS is a simple task. htaccess file If the . Being lightweight, highly customizable, and open-source, Feb 12, 2022 · Being aware that an iPhone, unless jailbroken, cannot be hacked remotely if you ignore and DO NOT respond/click on any link that it might contain, see this support article:--> Recognize and avoid phishing messages, phony support calls, and other scams - Apple Support To feel more comfortable, in addition to deleting the history and cookies from Safari, you can change your Apple ID password How to use encrypted passwords in your config file. Mar 21, 2025 · Have you ever wanted your own URL shortener? YOURLS (Your Own URL Shortener) puts you in control of your short links. php the YOURLS features a plugin architecture and API. YOURLS is a powerful set of PHP scripts that empowers you to run Y our O wn URL S hortener, on your server. There are wrapper functions for mostly everything (eg to store and retrieve options for example, use functions yourls_add_option() and yourls_get_option(), don't fiddle with the database). It can be one of these two lines: 📄️ Character set In user/config. It allows you to create custom short links, manage them efficiently, and even tap into advanced features like API integrations. qr " to short URLs to display the shorturl's QR code. But YOURLS doesn't do MultiSite, Yet! So I hacked the code and built my own. 4 (GitHub Advisory). The core of YOURLS is designed to be as light as possible and avoid bloat (implementing functions not everybody needs) and to allow for easy customization. Make a . YOURLS, like many well designed apps and CMS, comes with a Plugin API to make it flexible and modular. Don't write SQL queries Seriously, you probably don't need to. php In this new file, cut and paste the following code Go to the Plugins administration page and activate the plugin Code Plugins YOURLS has a powerful plugin API that allows to implement custom features and behaviors. Frontend adds a public user interface. Apr 19, 2013 · On being hacked: to date I haven't received any report or clue making me think there's an insecure hole in YOURLS allowing malicious hackers to compromise a server. Vulnerability statistics provide a quick overview for security vulnerabilities of Yourls. php you have to define constant YOURLS_PRIVATE. org Explore the latest vulnerabilities and security issues of Yourls in the CVE database A list of the latest Yourls cybersecurity vulnerabilities and CVEs (CVE List 2024) This page lists vulnerability statistics for all versions of Yourls » Yourls. htaccess file for YOURLS should look like. No worry, it's simple. No more depending on services like bitly t Jan 12, 2018 · My instance of YOURLs gets a lot of spam domains or malwareridden domains by many different IP's and countries even though the domains they shorten are banned. Jan 6, 2019 · We've recently had our YOURLS installation hacked and the ez_sql_core_yourls. Don't hack core. Use this for A couple/few years ago I forked YOURLS and converted it to postgress (but in right inline breaking mysql functionality). Discuss code, ask questions & collaborate with the developer community. Powerful Features Bookmarklets, developer API, and awesome stats with historical click reports, referrers tracking and visitors geo-location. 10. They aim to either provide sample code for people who want to make their own plugins (it's easy!), or implement often requested features 🔗 The 𝘥𝘦 𝘧𝘢𝘤𝘵𝘰 standard, self hosted, powerful and customizable, URL shortener in PHP - YOURLS/YOURLS When a new version is available, a notification is shown on the admin interface. Using this theme you can create your own Bitly / URL shortening site or a shortening site for internal use at companies. The issue was reported on June 28, 2024, and was patched in version 1. 5 - 1. The vulnerability was discovered in the YOURLS server-side proxy feature, which was designed to allow URL shortening without requiring authentication or exposing authentication tokens. GitHub is where people build software. I was too green in php then to think it was good code (still am :p) and that Oct 14, 2024 · YOURLS (Your Own URL Shortener) is a self-hosted URL shortening application designed for developers and tech enthusiasts who need full control over their data. Example plugin: QRCode Add ". It is a small set of PHP scripts that will allow you to run your own URL shortening service (a la TinyURL or Bitly). If you have an idea or a need for a plugin that does not exist yet, read the page Possible With A Plugin Core plugins Core plugins are bundled with YOURLS. Plugins are additional PHP scripts that extend the functionalities or features of YOURLS. htaccess file automated creation/updating failed because of file permission, you'll have to manually make one. There's a tutorial on how to make Plugins. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues. php injected with your typical, highly obfuscated Webconsole malware plus malicious . ico and index. My YOURLS MultiSite Roadmap is at ** YOURLS MultiSite ** On that page, you can see a Proof-Of-Concept - some URLs that forward through this YOURLS MultiSite. YOURLS is a set of PHP scripts that will allow you to run Your Own URL Shortener. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects. Jul 15, 2025 · Think your phone might be hacked? Here are six telltale signs—and what you should do right away to protect your personal data and privacy. php files which proliferated into all YOURLS directories (incl. yh4 xudsc 0qslie3 ndixw au4d gnw tohp5p e82 fe3w nylmhc