Support Forums | Demo Gallery [1.x] [2.x] | Downloads | News | Site Map ]
Nuked Gallery
  Create a FREE account or Login   As a guest, you don't have access to our FULL navigation system.
Gallery Releases
Gallery 1.4.4-pl3 Security Release

Posted on Tuesday, November 02, 2004 @ 18:37:51 CST
ckdake writes "EDIT: There were a number of problems with pl3 so it has been pulled. Look for an updated security release some time today.

Jim Paris discovered a few security problems in Gallery which have been addressed in 1.4.4-pl3. The primary problem is a cross site scripting vulnerability which allows code to be inserted into a Gallery by using specially formed URLs. This code then appears to be part of the Gallery.

No risk is posed to the webserver-itself or any non-Gallery data, but a Gallery install could be comprimised using appropriate code.

All Gallery users are very strongly urged to upgrade to 1.4.4-pl3 immediately, which fixes this serious problem and will secure your system.

Gallery 1.4.4-pl3 can be downloaded from the Gallery Download Page."

· More about Gallery Topics
· News by dari


Most read story about Gallery Topics:
Updated Gallery Files for phpNuke 6.5


Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad



 Printer Friendly Printer Friendly

 Send to a Friend Send to a Friend





Sponsors: Dedicated ServersDomain NamesWeb HostingDomain Name RegistrationAustralian Web HostingNeckermannLook For GadgetsSwag Listings

10th year online! 2003-2013
Legal • Use of this site consitutes agreement to the Acceptable Use Policy
Hosted by Implosion WorksSourceForge.net Logo • Theme by TonicMedia