Results 1 to 10 of 42

Thread: Security update [MUST HAVE]

Threaded View

  1. #1

    Exclamation Security update [MUST HAVE]

    Dear customers,

    We have detected a few Vulnerabilities in the script and strongly recommend applying the patch below.
    If you see the code below already in place it means that we added the code for you using your ftp logins.


    To fix the vulnerability you should add the code that is highlighted in bold green.
    (!) Before you change the files, back up the files to be modified.


    /libs/upload/upload.php
    Code:
    Only registered members can view the code.

    /files/.htaccess
    Code:
    Only registered members can view the code.

    /tmp/upload/.htaccess
    Updated: the file must contain only the code
    Code:
    Only registered members can view the code.

    /.htaccess
    Code:
    Only registered members can view the code.

    /libs/system.lib.php
    Code:
    Only registered members can view the code.
    The other minor vulnerabilities, which will not affect stability and security of your site, will be posted later in this thread.

    Possible SQL Injection and FIX for it
    rlAccount.class.php
    rlListings.class.php
    rlCategories.class.php
    rlSearch.class.php
    rlPlan.class.php

    Subscribe to this thread and keep up with the latest updates.
    Last edited by Alex; October 1, 2013 at 04:59 AM. Reason: updated

    Other than that happy coding...
    Flynax Technical Department