-
Remote File Injection Vulnerability
Another security vulnerability has resulted in yet another release. This time the fix is to prevent a remote file injection technique being used to remotely gain access by including a remote file within the core code. If you haven't already updated it is reccomended that you do so as soon as possible.
2008-08-17 10:18:16 UTC by deeemm
-
SQL Injection vulnerability found
A recent security vulnerability allowed an attacker to retrieve the stored passwords using an SQL injection technique. The technique used a cleverly formed SQL statement to be run when injected by POST variables in the address bar of the browser. This security issue is addressed in the 0.7.5 release. It is reccommended that all users who have not yet upgraded to the 0.7.5 version do so at their earliest convenience.
The 0.7.5 release also fixes a bug that caused hyphenated table names to crash the backup process when trying to back up the database. Additionally the backup function has been changed so that it only backs up tables associated with the DMCMS system. This behaviour can be changed if required by editing the db_backup.php file if required.
2008-08-16 11:37:29 UTC by deeemm
-
Demo Site Back Up
Just a quick note to say that the Demo site is now back up and running. The Demo site is running the latest DMCMS_074 version and can be found at http://demo.deeemm.com
To login you will need to use the following info
Username: Admin
Password: DeeEmm
Please remember that the username and password are case sensitive.
For security reasons some functions have been disabled.
Don't forget to join the forum and share your views and experiences with DMCMS, it's your feedback that helps to make DMCMS better.
DM.
2008-07-18 01:19:15 UTC by deeemm
-
DMCMS LT RC1 Now Out!
DMCMS 0.7.4 is now available for download. This version is a minor bugfix release that addresses some minor issues. This release also includes a brand new administration panel, a brand new help system and is also DMCMS LT release candidate number 1.
With the development of version 0.8.0 continuing, the current 0.7.X release is being released as a 'Lite' version known as DMCMS 'LT'. This means that with the 0.8.0 release there will be two versions of DMCMS available.
The new admin interface has been adapted from the 0.8.0 release and provides a central interface from which to manage your whole site. The new interface maintains the easy to use sitemap based administration but also includes some improvements to make managing your site even easier.
As the release is a release candidate for DMCMS LT version 1, if you find any bugs, please report them using the normal channels.
DM.
2008-07-12 15:21:24 UTC by deeemm
-
DMCMS 0.7.3 Release
With the DMCMS 0.8.0 release slowly approaching the current release has had a few bug fixes to keep it up to date.
The DMCMS0.7.3 release is a minor bug fix release with fixes to fix some minor issues. The changelog is as follows.
7.3 (BETA) 03/02/2008
Security Fixes.
N/A
Bug Fixes.
Media gallery display icon not showing for non-image files
Changed paths to relative for sitemap admin template call
Edit link changed for list type pages
Added Features / Changes.
Commented out check for deleting used files
Changed files.
./index.php
./includes/build_sitemap.php
./includes/build_media_content.php
./includes/build_navigation.php
./admin/delete_item.php
2008-06-22 13:18:37 UTC by deeemm
