Menu

IMPORTANT: phpAdsNew Security advisory!

During the release process of rc 3 we were made aware by Sebastian Marquez of a SERIOUS security problem in phpAdsNew. The problem is caused by the Remote invocation for XML-RPC code and allows attackers to execute arbitrary code on your server. A detailed description of the problem will be published by Sebastian later on.

USERS OF PHPADSNEW ARE ADVISED TO UPGRADE TO RC 3 IMMEDIATELY. ALL VERSIONS OF PHPADSNEW 2 RELEASED SINCE MARCH 2002 ARE VULNERABLE. PHPADSNEW 2 RC 3 IS NOT AFFECTED BY THIS PROBLEM.

Users who do not want to upgrade can make their installation secure by deleting the adxmlrpc.php file from the phpAdsNew directory. Warning: this will deactivate the Remote invocation for XML-RPC functionality completely.

Posted by Niels Leenheer 2003-04-03

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.