Hi All,
the admin hacks list could have a potential issue:
http://milw0rm.com/exploits/2851
I didn't try the exploit, but after looking at the code, I would fix it in this way:
OPEN adm/admin_hacks_list.php
FIND
BEFORE ADD
You should apply this patch as soon as possible.
058-015 - Admin Hacks List SQL Injection
Subject: Re: 058-015 - Admin Hacks List SQL Injection
I Have tested the bug but it don't work on XS.
however thanks you for the patch!
however thanks you for the patch!
Page 1 of 1
You cannot post new topicsYou cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls
You cannot attach files
You can download files
You cannot post calendar events
This is a "Lo-Fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Powered by Icy Phoenix based on phpBB
Generation Time: 0.4473s (PHP: 13% SQL: 87%)
SQL queries: 29 - Debug Off - GZIP Enabled