Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Local File Inclusion and Blind SQL Injection (exploit)  (Read 10964 times)

0 Members and 1 Guest are viewing this topic.

breath

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Logged

Hein Traag

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: nl
  • Offline Offline
  • Gender: Male
  • Posts: 2166
  • A, B, Cpg
    • Personal website - Spintires.nl
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #1 on: May 19, 2009, 08:00:29 am »

Thanks for reporting this exploit breath. The Dev team wil find a fix asap.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #2 on: May 19, 2009, 09:08:18 am »

Corresponding developer thread started. We'll release a new version asap to counter the exploit. Thanks for letting us know.
Logged

breath

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #3 on: May 23, 2009, 12:55:33 pm »

thx 4 update
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #4 on: May 24, 2009, 09:40:08 am »

Sorry, I forgot to reply to your thread. As you already figured out, the release has been packaged - cpg1.4.23 is out.
Logged
Pages: [1]   Go Up
 

Page created in 0.014 seconds with 22 queries.