Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: Local File Inclusion and Blind SQL Injection (exploit)  (Read 14358 times)

0 Members and 1 Guest are viewing this topic.

breath

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Local File Inclusion and Blind SQL Injection (exploit)
« on: May 19, 2009, 07:39:46 am »
Logged

Hein Traag

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: nl
  • Offline Offline
  • Gender: Male
  • Posts: 2166
  • A, B, Cpg
    • Personal website - Spintires.nl
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #1 on: May 19, 2009, 08:00:29 am »
Thanks for reporting this exploit breath. The Dev team wil find a fix asap.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #2 on: May 19, 2009, 09:08:18 am »
Corresponding developer thread started. We'll release a new version asap to counter the exploit. Thanks for letting us know.
Logged

breath

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #3 on: May 23, 2009, 12:55:33 pm »
thx 4 update
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Local File Inclusion and Blind SQL Injection (exploit)
« Reply #4 on: May 24, 2009, 09:40:08 am »
Sorry, I forgot to reply to your thread. As you already figured out, the release has been packaged - cpg1.4.23 is out.
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.022 seconds with 19 queries.