The Ultimate Weblog System

Resources

Getting started

Support

Development

Sections

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?


What's New

Stories

No new stories

Comments last 2 days


Trackbacks last 2 days

No new trackback comments

NEW FILES last 14 days


Links last 2 weeks

No recent new links

Older Stories

Thursday 04-Jun


Sunday 31-May


Friday 01-May


Monday 20-Apr


Saturday 18-Apr

Welcome to Geeklog
Friday, July 03 2009 @ 09:44 PM EDT

Forum Plugin Version 2.7.1 - Security Fix

Saturday, July 19 2008 @ 09:31 AM EDT

Contributed by: Blaine

Views: 3,817

Security

A possible Cross-Site security vulnerability has been identified by NetAgent Co., Ltd. and JPCERT/CC Lt - http://jvn.jp/

The issue is with the forum search not correctly filtering out javascript. This new release addresses that issue and all sites are recommended to upgrade to this latest release which is now available in the downloads area.

The upgrade steps are to replace the changed files and run the plugin upgrade.
  • public_html/index.php
  • config.php
  • functions.inc

What's Related

Story Options

Trackback

Trackback URL for this entry: http://www.geeklog.net/trackback.php/20080719093147449

Here's what others have to say about 'Forum Plugin Version 2.7.1 - Security Fix':

Alcance Libre - Plugin del Foro versiĆ³n 2.7.1 - ActualizaciĆ³n de Seguridad.
[...] y correr la actualización. public_html/index.php config.php functions.inc Para mas detalle es el sitio geeklog.net Tema: Anuncios | Imprimir | Recomendar | Lecturas (0) |   Enlace inverso (Trackback) URL de enlace inverso para [...] [read more]
Tracked on Tuesday, July 29 2008 @ 10:04 AM EDT

Forum Plugin Version 2.7.1 - Security Fix | 2 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Forum Plugin Version 2.7.1 - Security Fix
Authored by: Dirk on Sunday, July 20 2008 @ 04:21 PM EDT

I took the liberty and uploaded a collection of patches for the Forum plugin here.

These patches are "unoffcial" - if they break anything, it's my fault, not Blaine's. They have also been submitted to Blaine for inclusion in future versions, of course. And some of them (like displaying the thread subject in the site's title) have been in use on geeklog.net for a while.

Forum Plugin Version 2.7.1 - Security Fix
Authored by: koalasoft on Tuesday, July 29 2008 @ 09:29 AM EDT
this new in spanish.

Grettings !!

---
**Cuando el Alumno esta listo, el Maestro Aparece **
© 2002-2009 Geeklog
Created this page in 0.21 seconds 		Powered by Geeklog 1.6.0rc1 
Hosted by pair.com