Форуми / Cotonti / Bugs / Seditio Events Sql injection..

Lombi
#1 23.04.2009 18:28
<a href="http://www.domenlo.com">Surreal Art</a>
Kilandor
#2 23.04.2009 22:15
Please note, Cotonti events is vulnerable to the same exploit.

Here is a Secured version of events, http://www.cotonti.com/datas/users/events_sql_injection_fix_1.rar

All possible injections are secured up, calendar has no injections. Anyone using events should upgrade. All you need to do is replace the files.

Відредаговано: Kilandor (23.04.2009 22:57, 15 років тому)
aiwass
#3 23.04.2009 23:11
Updated :)

Thanks !
Take all that money that we spend on weapons and defences each year and instead spend it feeding and clothing and educating the poor of the world, which it would many times over, not one human being excluded, and we could explore space, together, both inner and outer, forever, in peace. - Bill Hicks

https://evlear.com
HarryRag
#4 24.04.2009 00:01
Thnx updated
[center][url=<a href="">http://www.true-gamers.nl]True</a> &amp; Honest Gamers[/url][/center]
Kingsley
#5 24.04.2009 00:56
updated to, thx guys..
GHengeveld
#6 24.04.2009 05:21
Thanks for the heads up guys, I should've noticed this.
I'm updating the original download file right away.

Update: Events/Calendar v2.0 download file has been fixed and updated. Please re-download and re-install if you haven't done so already.

Відредаговано: Koradhil (24.04.2009 19:49, 15 років тому)
Aragorn-pc
#7 24.04.2009 07:07
Thanx. :)
.# Aragorn-pc // Turkish Information Technology's Underground World
Aragorn-pc.org
http://www.kankayizz.biz
http://www.sanalarsiv.gen.tr
http://www.osmanli-devleti.net
Prosed.NET Seditio SedBlog Themes Sharing
Sean
#8 29.04.2009 05:56
Thanks for the fix guys. One of my Seditio sites was just hacked using this exploit, and I'm wondering if there's a Seditio patch? Or if the Cotonti version of the plugin will work?
Lombi
#9 29.04.2009 06:36
There's a seditio patch on neocrome.net (untested)
<a href="http://www.domenlo.com">Surreal Art</a>