Pixelpost
Authentic Photoblog Flavour
| Register - Today's Posts - Search - Tags |
|
#1
01-16-2008, 03:09 PM
|
||||
|
||||
Security Warning: SQL Injection
FYI guys, a SQL injection exploit has been found in version 1.7. It's listed on milw0rm.
http://www.milw0rm.com/exploits/4924 
|
|
#2
01-16-2008, 06:04 PM
|
||||
|
||||
|
Thanks for mentioning, we're on it right now.
__________________
My photoblog, powered by PixelPost 1.9 dev SVN | My Pixelpost Addons | My Cool Photoblog profile 
|
|
#3
01-16-2008, 07:57 PM
|
||||
|
||||
|
We've fixed the bug, and will be releasing a new version of Pixelpost later today that has the patch.
UPDATE: The new version has ben released, it can be downloaded here: http://www.pixelpost.org/
__________________
Jay Williams | A Different View Last edited by jaywilliams; 01-16-2008 at 09:35 PM.
|
|
#4
01-16-2008, 09:54 PM
|
|||
|
|||
|
I have 1.7 installed.
can I simply copy the new files over the 1.7 dir or must I upgrade? I think the 1.
|
|
#5
01-16-2008, 10:28 PM
|
||||
|
||||
|
__________________
Pixelpost Documentation | Visual Pixels | My Addons | Transition Bottlerocket Fund
|
|
#6
01-16-2008, 11:06 PM
|
||||
|
||||
|
Does this mysql injection issue affect PP version 1.6? I haven't upgraded to 1.7 yet, but there is a warning flashing on my Options page in the admin section that I need to upgrade immediately.
__________________
My photoblog: KP Images
|
|
#7
01-16-2008, 11:52 PM
|
||||
|
||||
|
It's possible that this issue has been around since or before v1.6.
I would not take the chance and upgrade to v1.7.1 as soon as possible!
__________________
Pixelpost Documentation | Visual Pixels | My Addons | Transition Bottlerocket Fund
|
| Post Reply |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT. The time now is 02:13 PM.
Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd. | Style Design: d3 designs
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd. | Style Design: d3 designs