Home The News Güncelleme - Security Announcement- SQL Injection
Güncelleme - Security Announcement- SQL Injection PDF Print E-mail
User Rating: / 1
PoorBest 
Written by Ersin   
Saturday, 02 February 2008 12:32

Mambo weblinkleri bölümünde bir güvenlik açığı testip edildi.

Link removed - bu adrese giderek sürümünüzle ilgili yamaları alabilirsiniz. Güncellemeleri yapmanız önerilir..
Security Announcement- SQL Injection
A SQL injection vulnerability has been identified in Mambo versions <= 4.6RC1. Meaning that current production version 4.5.4 as well as recent versions 4.5.3h, 4.5.3, and 4.5.2.3 are at risk...

Orjinal Not:

The quickest way to plug this hole is to open /components/com_weblinks/weblinks.php and add the following two lines at line 250.
Code:
$row->title = $database->getEscaped($row->title);

$row->catid = $database->getEscaped($row->catid);

It is recommended you patch this as soon as possible. For those not comfortable with editing the files manually, security patches are now available for download in the Mambo CMS Project..

Social Bookmarking
BlinkList     Del.icio.us     Digg This!     Facebook     Furl     Google     Mr. Wong
    Seed Newsvine     Reddit     Slashdot     Stumble It!     Technorati     Yahoo MyWeb
< Prev   Next >
Last Updated on Saturday, 02 February 2008 12:35
 
Copyright © 2009 Joomla Turkish translation and free templates. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.