Mar 18, 2010 | 05:06 PM  
Welcome

Don't have an account yet? You can create one, it is free, just click here

as a registered user you have some advantages like free downloads, comments and posting on our forums, depending upon this site's configuration and options.

 • •  Control Panel - Register - Login  • • 
Search site | Areafiles | About MDPro | MDPro features | Site map
Current Stable MDPro Lite 1.0821 Download
Welcome
Download MDPro package

Home | News | Releases News | MAXdev News | Support and Security News | Development News | PDA News
Forums
Documentation
MAXdev Community
Latest Comments
  Re: Have you receive...
العاب ون - &#...
odai
  Re: MDContact 3
We will release a new version in next days, we are work...
TiMax
  Re: MDContact 3
Mdpro is great, I can't find these features anywhere el...
irmadilley
Support and security : Security fix's for MDPro 1.0.76 - 21/11/2006
Posted by : TiMax - Tuesday, November 21, 2006
Security

The MAXdev team has been notified of a security issue, the problem was found to be due to directory traversal vulnerability in error.php in MDPro 1.076 and earlier allows remote attackers to include and execute arbitrary local files under certain circumstances via the PNSVlang session variable which is included by error.php.

The patch is available from HERE this affects all versions of MDPro released up until this point.

Many thanks go to Larsneo for his help and collaboration

We strongly recommend all users apply this patch to their sites ASAP, all MDPro 1.0.76 packages have been updated to include this fix as from the 21-Nov-06 07:00 GMT

 

 

 

 





   Printer friendly page  

Security fix's for MDPro 1.0.76 - 21/11/2006 | Login/Create an account | 5 Comments
Comments are owned by their poster. We aren't responsible for their content.
Re: Security fix's for MDPro 1.0.76 - 21/11/2006 (Score: 1)
by TiMax (timax@spamhere.com) on Nov 22, 2006 - 11:00 AM
(User information | Send a Message) http://www.maxdev.com)
sorry, there was an small error with this fix, please re-download and re-apply it if you have downloaded it before 21/11/2006 23:45 GMT

Hosted by MAX s.o.s.
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©2004~2006 MAX s.o.s.
You can syndicate our news using the file backend.php
Terms of use    Privacy policy