Welcome, Guest. Please login or register.
Did you miss your activation email?
May 25, 2012, 05:44:36 PM

Login with username, password and session length
Search:     Advanced search
Wollen Sie dem WebsiteBaker Team beitreten?
Nähere Informationen finden Sie unter hier und auf unserer neuen Webseite.
155517 Posts in 21712 Topics by 7738 Members
Latest Member: chris85
* Home Help Search Login Register
Pages: [1]   Go Down
Print
Author Topic: Security Patch for Module Download Gallery  (Read 2765 times)
FrankH

Offline Offline

Posts: 735


WWW
« on: September 05, 2009, 12:26:55 PM »
Module:    
Download Gallery

Patched Version:
2.20

Download Link:
http://www.websitebakers.com/pages/modules/listings/various/download-gallery-2.php

Risk level:
Low

Risks:    
Information disclosure
Data disclosure

Description:    
  • Under certain server configurations, all versions prior to 2.20 did allow directory listings in the /media/download_gallery folder, which could allow downloads of files even from hidden pages.
  • By modifying a known download link, downloads of files even from hidden pages have been possible in all versions prior to 2.13

Suggestions:
Upgrade to version 2.20 as soon as possible

Forum links:
German: http://www.websitebaker2.org/forum/index.php/topic,12184.0.html
English: http://www.websitebaker2.org/forum/index.php/topic,15149.0.html
Logged
Ochs und Esel in ihrem Lauf
halt ich leider auch nicht auf
Pages: [1]   Go Up
Print
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines Valid XHTML 1.0! Valid CSS!
Impressum & Datenschutz | powered by WebsiteBaker. ©2004–2010 by Website Baker Org e.V. , all rights reserved | Legal Notice & Privacy Policy