Geeklog 1.5.2sr4
- Saturday, April 18 2009 @ 07:15 am EDT
- Contributed by: Dirk
- Views: 10,060
Bookoo of the Nine Situations Group has posted yet another SQL injection exploit. This time, the problem is in usersettings.php and can again be used by an attacker to extract the password hash for any account. Geeklog 1.5.2sr4 fixes this issue and is available for download
- as a complete tarball, for fresh installs and upgrades from any earlier release
- as an update for 1.5.2sr3 and
- as a "combo" update, bundling all the changes for 1.5.2sr1 - 1.5.2sr4.