Forumlar / Cotonti / Bugs / Seditio Events Sql injection..

Lombi
#1 2009-04-23 18:28
<a href="http://www.domenlo.com">Surreal Art</a>
Kilandor
#2 2009-04-23 22:15
Please note, Cotonti events is vulnerable to the same exploit.

Here is a Secured version of events, http://www.cotonti.com/datas/users/events_sql_injection_fix_1.rar

All possible injections are secured up, calendar has no injections. Anyone using events should upgrade. All you need to do is replace the files.

Bu konu Kilandor tarafından düzenlendi(2009-04-23 22:57, 15 yıllar önce)
aiwass
#3 2009-04-23 23:11
Updated :)

Thanks !
Take all that money that we spend on weapons and defences each year and instead spend it feeding and clothing and educating the poor of the world, which it would many times over, not one human being excluded, and we could explore space, together, both inner and outer, forever, in peace. - Bill Hicks

https://evlear.com
HarryRag
#4 2009-04-24 00:01
Thnx updated
[center][url=<a href="">http://www.true-gamers.nl]True</a> &amp; Honest Gamers[/url][/center]
Kingsley
#5 2009-04-24 00:56
updated to, thx guys..
GHengeveld
#6 2009-04-24 05:21
Thanks for the heads up guys, I should've noticed this.
I'm updating the original download file right away.

Update: Events/Calendar v2.0 download file has been fixed and updated. Please re-download and re-install if you haven't done so already.

Bu konu Koradhil tarafından düzenlendi(2009-04-24 19:49, 15 yıllar önce)
Aragorn-pc
#7 2009-04-24 07:07
Thanx. :)
.# Aragorn-pc // Turkish Information Technology's Underground World
Aragorn-pc.org
http://www.kankayizz.biz
http://www.sanalarsiv.gen.tr
http://www.osmanli-devleti.net
Prosed.NET Seditio SedBlog Themes Sharing
Sean
#8 2009-04-29 05:56
Thanks for the fix guys. One of my Seditio sites was just hacked using this exploit, and I'm wondering if there's a Seditio patch? Or if the Cotonti version of the plugin will work?
Lombi
#9 2009-04-29 06:36
There's a seditio patch on neocrome.net (untested)
<a href="http://www.domenlo.com">Surreal Art</a>