Menu

3 Vulnerabilities in V1.0.0

Vulnerabilities will be repaired in V1.0.1 due for release in a few days. Basic new features will also be tentatively introduced.

File System Vulnerability:
File permissions; if incorrectly set in a shared server environment can allow de-activation & malicious use of configuration, operation and search & replace function.

PHP Configuration Vulnerability:
Register globals; if enabled can allow malicious code to be returned to unauthorized users by means of manipulated publically-available URLs.

File System Vulnerability:
Plain text virus defs; In a generic shared hosting environment, a PHP-readable virus definition file will be accessable by most user accounts and scripts on the server, including injected code. The enemy can instantly scan defences.

Posted by FujitsuBoy 2005-06-23

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.