XOOPS Security

From XOOPS CMS (Content Management System)

Main Page | Recent changes | Edit this page | Page history | Switch to MediaWiki mode

Special pages Double redirects Broken redirects Disambiguation pages Log in / create account Preferences My watchlist Recent changes Upload file File list Gallery of new files User list Statistics Random page Orphaned pages Uncategorized pages Uncategorized categories Uncategorized images Unused categories Unused files Wanted pages Wanted categories Most linked to pages Most linked to categories Articles with the most categories Most linked to images Articles with the most revisions Short pages Long pages New pages Oldest pages Dead-end pages All pages Prefix index List of blocked IP addresses and usernames Book sources Categories Export pages Version System messages Logs MIME search List redirects Unused templates Random redirect Popular pages Search

Printable version | Disclaimers | Privacy policy
Category: Core

---

Posted by phppp on 2007/10/1 4:46:56

XOOPS Uploader Security

Reported: Posted by phppp on 2007/10/1 4:46:56
Here is reported last hack for security details.

There is potential vulnerability identified in uploader class in case upload configuration is not set properly by modules.

The patch is applicable to all XOOPS versions.

Download from SourceForge XOOPS : XOOPS uploader patch 071001 release

Upload the two files /class/uploader.php and /class/mimetypes.inc.php to your /class/ folder and overwrite existent files.

You are highly encouraged to implement the patch to your existent XOOPS system.

---

Edit this page | Discuss this page | Page history | What links here | Related changes


This page has been accessed 6,749 times. This page was last modified 17:29, 11 January 2008. Content is available under XOOPS CMS (Content Management System).

Main Page | About XOOPS CMS (Content Management System) | Switch to MediaWiki mode