1.48 - about security 1.48 - about security
 

News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

1.48 - about security

Started by natalina, June 29, 2006, 07:30:35 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

natalina

June 29, 2006, 07:30:35 AM Last Edit: July 05, 2006, 06:30:32 AM by GauGau
I did upgrade the day before & yesterday unregistered visitor upload file to public album ( in groups i didn't allow unregistered to upload files).  I\m worring because that file isn't just a picture - it looks like rar archive but it's the program called PhpShell which theoretically allows to delete & move files. I suppose it didn't work (fortunately) but it shows that inspite of permissions unregistered users do have a chance to upload files(: Any ideas?

Tranz

#1
June 29, 2006, 07:36:46 AM
In Groups manager, is the guest/anonymous group allowed to upload?

Nevermind, I didn't understand what you wrote earlier. Now I do.

Joachim Müller

#2
July 04, 2006, 08:24:33 AM
Post a link to your coppermine gallery.

Joachim Müller

#4
July 04, 2006, 07:24:16 PM
You have enabled uploads for anonymous/guest visitors. Correct this in the groups control panel, disallow uploads for guests. For further support, here's the clickable link: http://www.forma.spb.ru/architect_gallery/?lang=english

natalina

#5
July 04, 2006, 07:56:13 PM
Oh, thanks:)
Print
Go Up Pages1
User actions