User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active
 

Mambo weblinkleri bölümünde bir güvenlik açığı testip edildi.

Link removed - bu adrese giderek sürümünüzle ilgili yamaları alabilirsiniz. Güncellemeleri yapmanız önerilir..
Security Announcement- SQL Injection
A SQL injection vulnerability has been identified in Mambo versions <= 4.6RC1. Meaning that current production version 4.5.4 as well as recent versions 4.5.3h, 4.5.3, and 4.5.2.3 are at risk...

Orjinal Not:

The quickest way to plug this hole is to open /components/com_weblinks/weblinks.php and add the following two lines at line 250.
Code:
$row->title = $database->getEscaped($row->title);

$row->catid = $database->getEscaped($row->catid);

It is recommended you patch this as soon as possible. For those not comfortable with editing the files manually, security patches are now available for download in the Mambo CMS Project..

Joomla templates by a4joomla