|
|
|
|
| CMSimple.ORG > Downloads > Security fix |
Security fix
In CMSimple version 2.6 to 3.1 there is a Local File Inclusion / Arbitrary File Upload bug in CMSimple, which is being exploited by hackers.
(Fixed June 1. 2008)
If your webhotel runs with register globals on (only a few does), you are strongly advised to update CMSimple to the download available at cmsimple.org(version 3.1 - in top of cms.php added "SECURITY BUG FIX JUNE 1.2008").
The bug fix is at line 70 in cms.php:
$pth['file']['language'] = $pth['folder']['language'].$sl.'.php';
basename function is to be added to $sl:
$pth['file']['language'] = $pth['folder']['language'].basename($sl).'.php';
On Linux/Apache you can sometimes turn off register_globals by uploading a .htaccess file in webroot with "php_flag register_globals off".
In CMSimple version 2.6 to 3.0 it possible to retrieve the config information if specifying some special parameters in the URL.
(Fixed February 11. 2008)
It seems to be a problem mainly on Linux servers.
The recommendation is to update all CMSimple installations version >= 2.6 and <=3.0 to 3.0.1 or higher.
If it is version >= 2.9, it is only necessary to update the file login.php (5.4 KB)
THESE BUGS ARE FIXED IN THE CURRENT DOWNLOAD
|
|
|
|
|
|
|
