Register  |  Login  |  Forum  |  Search   

Board index » Development » Bug report

It is currently Sun Sep 05, 2010 10:24 am
All times are UTC
View unanswered posts | View active topics
 



Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 

ImpressPages 1.0.4 vulnerability fix

  Print view Print view Previous topic Previous topic | Next topic Next topic
 

ImpressPages 1.0.4 vulnerability fix

Author Message
Audrius
 Post subject: ImpressPages 1.0.4 vulnerability fix
 Post Posted: Wed May 12, 2010 10:08 pm 
Offline
Project Manager

Joined: Wed Nov 25, 2009 9:40 am
Posts: 27
ImpressPages 1.0.4 and earlier versions have security related issue. In administration area exist MySQL injection vulnerability.

This issue can be exploit only if you have administrator login.
So, you don't need to worry about users and hackers from outside of your website. ImpressPages is really secure. Guys from High-Tech Bridge Security Advisories (http://www.htbridge.ch) found only these tiny holes that are easy to fix.

Nevertheless, if you have administrators with limited access, use this fix and sleep well. We will include this fix in next release. It's up to you to do it now or wait for update.

Attachment:
File comment: ImpressPages 1.0.4 vulnerability fix
fix ImpressPages 1.0.4 2010-05-12.zip [23.23 KiB]
Downloaded 44 times


Top 
 Profile  
 
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 

Board index » Development » Bug report

It is currently Sun Sep 05, 2010 10:24 am
All times are UTC
View unanswered posts | View active topics
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron