
mambo & joomla URGENT upgrade!!!


administrator
22-06-2006, 21:36
Dear users,

if you use the MAMBO or JOOMLA portal, please perform an URGENT upgrade to the new version.

Sources:
http://www.joomla.org/

http://mamboxchange.com/frs/?group_id=5

This is a serious security flaw, a so-called SQL Injection.

Kind regards, SC

administrator
22-06-2006, 21:39
the fastest upgrade for MAMBO is this:

http://mamboserver.com/

Security Announcement: SQL Injection

A SQL injection vulnerability has been identified in Mambo versions <= 4.6RC1. Meaning that current production version 4.5.4 as well as recent versions 4.5.3h, 4.5.3, and 4.5.2.3 are at risk. The quickest way to plug this hole is to open /components/com_weblinks/weblinks.php and add the following two lines at line 250.


$row->title = $database->getEscaped($row->title);
$row->catid = $database->getEscaped($row->catid);



Regards, SC
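
The hotfix quoted above escapes two submitted fields before they reach the database. As an added example (not Mambo's code and not part of the original posts), the same two fields are handled here with integer validation and bound parameters. The `weblinks` table layout, the `saveWeblink()` helper, the use of PDO with in-memory SQLite, and the treatment of `catid` as a numeric category id are all assumptions made for illustration.

```php
<?php
// Added example: hypothetical schema and helper, not Mambo's code.
// PDO with in-memory SQLite is used so the script runs offline.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE weblinks (
    id INTEGER PRIMARY KEY, catid INTEGER NOT NULL, title TEXT NOT NULL)');

/**
 * Validate and store a submitted weblink (hypothetical helper).
 * catid is assumed to be a numeric id, so it is validated as an integer
 * rather than escaped as a string; title travels as a bound parameter
 * and never becomes part of the SQL text.
 */
function saveWeblink(PDO $pdo, $title, $catid): int
{
    $catid = filter_var($catid, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($catid === false) {
        throw new InvalidArgumentException('catid must be a positive integer');
    }
    $title = trim((string) $title);
    if ($title === '' || strlen($title) > 250) {
        throw new InvalidArgumentException('title must be 1-250 bytes');
    }
    $stmt = $pdo->prepare(
        'INSERT INTO weblinks (catid, title) VALUES (:catid, :title)');
    $stmt->bindValue(':catid', $catid, PDO::PARAM_INT);
    $stmt->bindValue(':title', $title, PDO::PARAM_STR);
    $stmt->execute();
    return (int) $pdo->lastInsertId();
}

// Constructed sample submissions.
$samples = [
    ['Joomla home page', '3'],          // numeric string from a form
    ["Editor's \"best of\" links", 3],  // title containing quote characters
    ['Bad category', '3 abc'],          // non-integer catid
];
foreach ($samples as [$title, $catid]) {
    try {
        echo 'stored #', saveWeblink($pdo, $title, $catid), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
var_export($pdo->query('SELECT catid, title FROM weblinks ORDER BY id')
    ->fetchAll(PDO::FETCH_ASSOC));
```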