Home | Support Forums | Your Account | Gallery [2] | Downloads | News | Site Map ]
Nuked Gallery
  Create a FREE account or Login   As a guest, you don't have access to our FULL navigation system.
Security Notices
Security issue with debug mode and email features
Posted on Monday, June 28, 2004 @ 13:22:36 CDT
One of the users in the Gallery support forums (Rockman_Ghost) came across a possible security issue when Gallery is in debug mode and configured with email features enabled. This affects very few production Galleries. Read on for more details.

When Gallery is in debug mode, it prints the contents of all emails sent from it (as a tool for debugging). However, this means it also prints emails going out to users who forget their password. It is obviously not intended for anyone to see the contents of these 'forgotten password' emails as then anyone could change a user's password.

We don't recommend keeping debug mode on for production Galleries anyway and this issue has been fixed in the upcoming release of 1.4.4; however, if you are currently running a production Gallery in debug mode, we strongly suggest that you disable this function, as it should only be used for developers or people debugging their Galleries.

· More about Gallery Topics
· News by dari
Most read story about Gallery Topics:
Updated Gallery Files for phpNuke 6.5


Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad



 Printer Friendly Printer Friendly

 Send to a Friend Send to a Friend





Sponsors: Web HostingDomain NamesDedicated ServersDedicated Web HostingDomain Name RegistrationWeb hosting AustraliaSEO Web DesignWeb Design New YorkSearch Engine OptimizationSearch Engine Optimisation

6th year online! 2003-2008
Legal • Use of this site consitutes agreement to the Acceptable Use Policy
Hosted by Implosion WorksSourceForge.net Logo • Theme by TonicMedia