1.48 - about security 1.48 - about security
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

1.48 - about security

Started by natalina, June 29, 2006, 07:30:35 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

natalina

I did upgrade the day before & yesterday unregistered visitor upload file to public album ( in groups i didn't allow unregistered to upload files).  I\m worring because that file isn't just a picture - it looks like rar archive but it's the program called PhpShell which theoretically allows to delete & move files. I suppose it didn't work (fortunately) but it shows that inspite of permissions unregistered users do have a chance to upload files(: Any ideas?

Tranz

In Groups manager, is the guest/anonymous group allowed to upload?

Nevermind, I didn't understand what you wrote earlier. Now I do.

Joachim Müller

Post a link to your coppermine gallery.


Joachim Müller

You have enabled uploads for anonymous/guest visitors. Correct this in the groups control panel, disallow uploads for guests. For further support, here's the clickable link: http://www.forma.spb.ru/architect_gallery/?lang=english

natalina