<? DEW-CODE.COM  

Main Menu

Home
Whats New?
Dewed's Blog
Links
Search
FAQs
Forums
Downloads
Latest Freelance Jobs
Archives
FIle Archives
Freelance resources
Web Icons

Downloads

Assorted scripts  (1)
DewNewPHPLinks  (9)

Latest Additions


DNPL admin search add onDNPL admin search add on
2.1 patch2.1 patch
Captcha add-on for DewNewPHPLinks 2.0 Captcha add-on for DewNewPHPLinks 2.0

DewNewPHPLinks 2.1.0.1DewNewPHPLinks 2.1.0.1
Mozilla Firefox Bookmark ImporterMozilla Firefox Bookmark Importer
Lost Password?
No account yet? Register

Dew-Code Newsfeed

Resources


 USdigitalcable.com

Dew-Code
Welcome, Guest
Please Login or Register.    Lost Password?
Dew-Code DewNewPHPLinks Known Bugs & FAQ
SECURITY ALERT FOR DNPL v.2.1.0.1b SEF users (1 viewing) (1) Guest
Go to bottom Post Reply Favoured: 0
TOPIC: SECURITY ALERT FOR DNPL v.2.1.0.1b SEF users
#1497
Dewed (Admin)
Admin
Posts: 605
graph
User Online Now Click here to see the profile of this user
Dew-Code.com
SECURITY ALERT FOR DNPL v.2.1.0.1b SEF users 1 Year, 6 Months ago Karma: 9  
edit the file include/captcha.php

Locate
Code:
$ID = $_GET["x"];
change to . . .
Code:
$ID = mysql_escape_string($_GET["x"]);
Admittedly the captcha routine was rather hastily added, and more focus was put into ensuring it was compatible with various web server configurations than security. I won't point out to potential hackers how this could be exploited, but any hacker worth a damn can no doubt see it, so I urge all users of DNPL v.2.1.0.1b to make this simple edit.
 
Report to moderator   Logged Logged  
 
Nothing to it but to Dew it !
Dew-Code.com
  The topic has been locked.
Go to top Post Reply
get the latest posts directly to your desktop
 
Outsource your projects to thousands of programmers at ScriptLance.com
Newsflash
Interested in
advertising?

This space for rent!

Sign up for PayPal and start accepting credit card payments instantly.
Copyright Dew-Code 2008