4images Forum & Community
4images Help / Hilfe => Bug Fixes & Patches => Topic started by: kai on April 19, 2011, 10:09:58 AM
-
A input validation error vulnerability in 4images 1.7 - 1.7.9 has been found.
To fix this:
in download.php
find
$file = array();
and replace with
$file = array();
$file_path = null;
$file_name = null;
and find
while ($image_row = $site_db->fetch_array($result)) {
and replace with
while ($image_row = $site_db->fetch_array($result)) {
$file_path = null;
$file_name = null;
-
Thanks for the heads up!