Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Couple of minor fixes

  1. Home
  2. News
  3. Bugs and Errors
  4. Couple of minor fixes
Couple of minor fixes
This morning I received information about an XSS exploit in the shoutbox. A user can plant malicious code via the shout_name field. Knowing my code, I immediatey knew the same trick can be done in comments. Two fixes then which are comments_include.php and shoutbox_panel.php. Existing v6.00.303 users can download the file '6.00.304 update for v6.00.303'. Simply upload the inluded files and click upgrade under System Admin. The Sourceforge packages have also been updated as usual. Thanks to Ruyn for the heads up smile

Feb 11 2006 @ 19:30 Update I've been informed of a weakness in the $srch_text variable in messages.php. I've added the updated file to the 304 patch and have updated the Sourceforge packages. Thanks to system_meltdown for letting me know.

Download PHPFusion 6.00.304 Update for v6.00.303 (5Kb).

Falk February 05 2006 36,422
News Categories
Popular News
PHPFusion 9.0 Beta
PHPFusion 9.0 BetaOctober 03 2014 | Downloads
134943
Tesseract, Progress Report
Tesseract, Progress ReportApril 26 2014 | Development & Design
83615
Welcome Back
Welcome BackMarch 24 2006 | PHPFusion
79594
PHPFusion 9.0 ( Andromeda ) Stable
PHPFusion 9.0 ( Andromeda ) StableApril 27 2017 | PHPFusion
67114
Critical update - v6.00.305
Critical update - v6.00.305March 12 2006 | PHPFusion
66219
PHPFusion v7.02.06
PHPFusion v7.02.06January 27 2013 | Downloads
54154