View Single Post
Old April 7th, 2010, 08:25 PM   #1
Michael P
PhotoPost Developer
Verified Customer
 
Join Date: Jan 2002
Posts: 11,833
Fix

PhotoPost has learned of a vulnerability affecting vBGallery 2.5:

PhotoPost vBGallery Two SQL Injection Vulnerabilities - Advisories - Community

We have updated the vBGallery product, we placed the patched version into the members area for you to to download, and we are attaching the fixed files here (for those who want to patch their site, regardless of membership status).

Attached is a new profile_start.php script for versions 2.0-2.4.X.

Download, rename the file to profile_start.php and replace your file:

forums / includes / vbgallery / profile_start.php

I will also update the build with an updated file.

For version 2.5, you will need to go to Plugin & Products -> Plug-in Manager -> UserCP -> profile_start and replace with the content from profile_start_plugin.txt
Attached Files
File Type: txt profile_start_plugin.txt (6.3 KB, 13 views)
File Type: txt profile_start.php.txt (7.3 KB, 3 views)
__________________
Please do not PM me for support or sales questions. Thank you for your understanding.

Last edited by Michael P; May 4th, 2010 at 05:50 PM.
Michael P is offline   Reply With Quote