[README IMPORTANT] Security bug in CPG 1.1D !!!!!!!!!!!!!!!!

[DJMaze]

We discovered a security bug in Coppermine 1.1D for any phpNuke.

When the Userinfo block of www.gnaunited.com (SPLATT) is installed it's exposed, but it's affected on every install even if you don't use above block !!!!

Some of you already fixed it partially after finding it, but did not completely fix it, so please also download this fix !!!

This is a "High risk" security bug and we suggest you download the proper fix for your installation at the Coppermine for phpNuke Dev Team website download section: Patches for 1.1d

Or if you use phpNuke 5.5 or up you can upgrade to our latest Coppermine release 1.2.0-nukeRC3 which doesn't have the security bug here.

[skully]

After applying the patch i get this error:
 
Notice: Use of undefined constant pwd - assumed 'pwd' in /home/www/aibo-vrienden/mainfile.php on line 203

I use Nuke 6.5 and coppermine 1.1D
Error happens when i am logged in as admin, user and anonymous.
I am using the watermark MOD in my gallery.

Could this cause this ?
Can the changes in the init.inc.php be published so we can apply them manually ?

I left the error in my gallery so you can see for yourself:

http://www.aibo-vrienden.nl

CHeers
Robert

[DJMaze]

it's not a error it's an notice so don't worry.

open your phpNuke mainfile.php and change [pwd] into ['pwd']

[icebox]

Thank-you, that fixed it  :mrgreen:  :!:

[skully]

Yep solves mine too.

thx

Robert
aibo-friends.com / aibo-vrienden.nl

[rico]

Me when i apply this patch i've got this error :


Notice: Undefined variable: debug in /home/aretmeti/www/html/db/mysql.php on line 104

Notice: Use of undefined constant pwd - assumed 'pwd' in /home/aretmeti/www/html/mainfile.php on line 287

i change the [pwd] to ['pwd'] but that change nothing.

Can you help me pleaze