4images Forum & Community
4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: .Infecto on December 07, 2015, 01:33:27 AM
-
Hallo zusammen,
ich bin im Web auf folgendes gestossen:
Betrifft 4images 1.7.11, 1.7.12
Allgemein: https://blog.curesec.com/
VulDB: 4images bis 1.7.11 admin/categories.php cat_description Cross Site Scripting
http://www.scip.ch/?vuldb.78256
4images 1.7.11 ( Ddos / Flood ) Exploit
https://www.youtube.com/watch?v=mKqnfqkgkfA
4images 1.7.11: Code Execution Exploit
https://blog.curesec.com/article/blog/4images-1711-Code-Execution-Exploit-117.html
4images 1.7.11 File Inclusion
https://packetstormsecurity.com/files/132335/4images-1.7.11-File-Inclusion.html
4images 1.7.11 Cross Site Scripting
https://packetstormsecurity.com/files/133712/4images-1.7.11-Cross-Site-Scripting.html
4images 1.7.11: Code Execution
https://blog.curesec.com/article/blog/4images-1711-Code-Execution-105.html
4images 1.7.12: XSS
https://blog.curesec.com/article/blog/4images-1712-XSS-110.html
-
Hast du auch gelesen was darunter steht?
6. Solution
To mitigate this issue please upgrade at least to version 1.7.13:
http://www.4homepages.de/download-4images
-
Ne, überlesen.
Ok, danke!