4images Forum & Community

4images Help / Hilfe => Bug Fixes & Patches => Topic started by: kai on April 19, 2011, 10:09:58 AM

Title: [1.7 - 1.7.9] Security fix for input validation error
Post by: kai on April 19, 2011, 10:09:58 AM
A input validation error vulnerability in 4images 1.7 - 1.7.9 has been found.

To fix this:

in download.php

find

$file = array();

and replace with

$file = array();
$file_path = null;
$file_name = null;

and find

while ($image_row = $site_db->fetch_array($result)) {

and replace with

while ($image_row = $site_db->fetch_array($result)) {
$file_path = null;
$file_name = null;
Title: Re: [1.7 - 1.7.9] Security fix for input validation error
Post by: Warrior on April 19, 2011, 06:13:50 PM
Thanks for the heads up!