mattyastic Posted January 11, 2014 Report Posted January 11, 2014 There is a security hole affecting ALL versions of phpVMS. The security whole affects Auth.class.php and can be exploited via the login form. I have submitted a pull request on github, and i suggest a patch is released ASAP. Quote
mattyastic Posted January 16, 2014 Author Report Posted January 16, 2014 Is there going to be a patch for this hole released? Quote
alblua Posted January 21, 2014 Report Posted January 21, 2014 There is a security hole affecting ALL versions of phpVMS. The security whole affects Auth.class.php and can be exploited via the login form. I have submitted a pull request on github, and i suggest a patch is released ASAP. Can you give a quick link to this or explain it? I would like to know it. Quote
Members Vangelis Posted January 21, 2014 Members Report Posted January 21, 2014 Everything is said in this post http://forum.phpvms.net/topic/20635-rev-merge-pull-request-122-from-equinoxmattmaster/#entry110836 Quote
Edwin Posted January 21, 2014 Report Posted January 21, 2014 how did you find out it was in there? and how do you update? simply copy all files to your site? Quote
Members Vangelis Posted January 21, 2014 Members Report Posted January 21, 2014 I read the build forum section. And yes you just upload everything into your server Quote
mattyastic Posted January 27, 2014 Author Report Posted January 27, 2014 Pretty appalling that a new release hasn't been made. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.