Author Topic: [1.7 - 1.7.9] Security fix for input validation error  (Read 10907 times)

0 Members and 1 Guest are viewing this topic.

Offline kai

  • Administrator
  • Addicted member
  • *****
  • Posts: 1.407
    • View Profile
    • 4images - Image Gallery Management System
[1.7 - 1.7.9] Security fix for input validation error
« on: April 19, 2011, 10:09:58 AM »
A input validation error vulnerability in 4images 1.7 - 1.7.9 has been found.

To fix this:

in download.php

find

$file = array();

and replace with

$file = array();
$file_path null;
$file_name null;


and find

while ($image_row $site_db->fetch_array($result)) {

and replace with

while ($image_row $site_db->fetch_array($result)) {
$file_path null;
$file_name null;
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Warrior

  • Jr. Member
  • **
  • Posts: 75
    • View Profile
    • Lawrence Family History
Re: [1.7 - 1.7.9] Security fix for input validation error
« Reply #1 on: April 19, 2011, 06:13:50 PM »
Thanks for the heads up!

 

Post your comments here