1.48 - about security 1.48 - about security
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

1.48 - about security

Started by natalina, June 29, 2006, 07:30:35 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

natalina

June 29, 2006, 07:30:35 AM Last Edit: July 05, 2006, 06:30:32 AM by GauGau
I did upgrade the day before & yesterday unregistered visitor upload file to public album ( in groups i didn't allow unregistered to upload files).  I\m worring because that file isn't just a picture - it looks like rar archive but it's the program called PhpShell which theoretically allows to delete & move files. I suppose it didn't work (fortunately) but it shows that inspite of permissions unregistered users do have a chance to upload files(: Any ideas?

Tranz

#1
June 29, 2006, 07:36:46 AM
In Groups manager, is the guest/anonymous group allowed to upload?

Nevermind, I didn't understand what you wrote earlier. Now I do.

Joachim Müller

#2
July 04, 2006, 08:24:33 AM
Post a link to your coppermine gallery.

Joachim Müller

#4
July 04, 2006, 07:24:16 PM
You have enabled uploads for anonymous/guest visitors. Correct this in the groups control panel, disallow uploads for guests. For further support, here's the clickable link: http://www.forma.spb.ru/architect_gallery/?lang=english

natalina

#5
July 04, 2006, 07:56:13 PM
Oh, thanks:)
Print
Go Up Pages1
User actions