|
#1
|
||||
|
||||
[important] urgent - protection fix
a vulnerability (sql injection which can give the admins nick + passhash) has been discover in all btit 1.4.x/xbtit <= rev 544 version (BtiTracker <= 1.4.7, xbtit <= 2.0.542 SQL Injection Vulnerability), please apply urgently the patch
quick fix: open scrape.php find: Code:
require("$BASEPATH/include/config.php"); require("$BASEPATH/include/common.php"); Code:
require_once $BASEPATH.'/include/crk_protection.php'; To unsubscribe from these announcements, login to the forum and uncheck "Receive forum announcements and important notifications by email." in your profile. You can view the full announcement by following this link: Template Parse Error! Regards, The Btiteam Forum Team. |
The Following User Says Thank You to Fynnon For This Useful Post: | ||
sharpe (23rd September 2008)
|
#2
|
|||
|
|||
You know that
You try to check the code with this script www.htmlpurifier.org this scan for security vulnerabilities like xsss attacks, in the code php html xml, but make copy of your scripts for security reasons, and all site owners need Acunetix Web Vulnerability Scanner Enterprise v6.1.20090211
|
Tags |
fix , important , protection , urgent |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
New announcement: XBTIT VULNERABILITY | Fynnon | xBTiT | 1 | 12th April 2010 11:35 |
urgent help | DrNet | Template Shares | 8 | 8th October 2008 12:44 |
Sos urgent pls help | Subzero | Free Torrent Source | 6 | 8th October 2008 12:29 |
Urgent Help !!!!! | DrNet | Template Shares | 2 | 3rd August 2008 06:19 |
Important Question !!! | mahdi101 | Template Shares | 9 | 9th July 2008 07:25 |