Events Plugin SQL Injection Events Plugin SQL Injection

SQL Injection

A sql injection has been brought forward for the Event plugin (Link). This is not an exploit with Cotonti itself or a default plugin. So unless you are using the Events Plugin (Link). Then you are ok.

Anyone using this plugin should upgrade immediately.

An updated secure version may be downloaded here


1. GHengeveld  2009-04-24 19:51
Original download file has been fixed and updated.
2. code_87  2009-05-04 20:54
sir, if i download the event calendar version 2, do i still need this patch? :-/ :-/ :-/
3. Trustmaster  2009-05-04 22:35
Updating your calendar v2 won't hurt, so better do it to be sure your plugin is up2date.
Only registered users can post new comments