security fix for login routine

28 Dec 2004

User cYon reported a security flaw in the login routine of PHProjekt. By redirecting a variable in the script /lib/authform.inc.php, it is possible to execute remote scripts on the server.

A security fix is available by downloading this package, which also hardens the last security hole for those installations which do not support automatic session start. Please replace the two scripts in the '/lib' directory.

The current version 4.2.3 also contains the two fixes.

Written by albrecht