Welcome to Geeklog Wednesday, June 19 2013 @ 06:54 AM EDT
An SQL injection vulnerability in the EasyFile plugin has been found and published by a user who calls himself Hellboy (the vulnerability is reported as being in Geeklog, but it really only affects the EasyFile plugin).
Given that the EasyFile plugin hasn't been updated in years, we assume that it is no longer maintained. If you use this plugin on your site, we recommend that you uninstall the plugin and remove all the files that belong to it as soon as possible.
We have removed the EasyFile plugin from our download area. If there are any other sites out there mirroring the plugin, please remove it from those sites as well. Thank you.
[...] Geeklog entfernt und sollte aus Mirrors und allen betroffenen Installationen gelöscht werden. Details: EasyFile plugin SQL injection Tags: Blog-Software, CMS, Content Management Systeme, Freie Software, Geeklog, Open Source, WCM, Web Content [...] [read more]