News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

Exploit 1.4.19?

Started by mahdi1234, January 29, 2009, 08:13:34 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

mahdi1234

January 29, 2009, 08:13:34 PM
How about this one, do dev know it?

http://www.milw0rm.com/exploits/7909

Joachim Müller

#1
January 29, 2009, 08:50:56 PM
Thanks for letting us know - that's a brand-new one. We'll look into this and come up with a resolution as soon as possible.

Abbas Ali

#2
January 30, 2009, 06:38:37 AM
I can confirm this exploit. Working for a fix.

The patch given by the reporter unsets all variables which were registered because of register_globals on. I think this is the correct way.
Chief Geek at Ranium Systems

Joachim Müller

#3
February 04, 2009, 11:33:52 AM
cpg1.4.20 has just been released, which takes care of the exploit. See corresponding announcement thread cpg1.4.20 Security release - upgrade mandatory!
Print
Go Up Pages1
User actions