Welcome to Geeklog, Anonymous Friday, April 19 2024 @ 08:40 am EDT

File Manager Vulnerability

Sunday, July 05 2015 @ 06:20 pm EDT
Contributed by: mystral-kk
Views: 9,305

An XSS vulnerability has been found by Mohammad Sikkandar Sha in the demo code for WideImage which is used in the File Manager shipped with Geeklog 2.1.0. The File Manager itself has access control and is not affected by the vulnerability.

To fix this, please remove the two following directories as soon as possible:

public_html/filemanager/connectors/php/inc/vendor/wideimage/demo
public_html/filemanager/connectors/php/inc/vendor/wideimage/test

Thank you

Comments

File Manager Vulnerability | 0 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Warning: Javascript required to enable functionality

File Manager Vulnerability

Search

Resources

About

Getting started

Support

Development

Topics

User Functions

What's New

Articles last 4 weeks

Comments last 4 weeks

Pages last 4 weeks

Links last 4 weeks

Downloads last 4 weeks