You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 285 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Modules: Gallery 1.3.4-p1 security release
SecurityLinzilla writes "We received email this morning from Larry Nguyen, an alert and responsible Gallery user who notified us about a cross-site-scripting flaw in Gallery. This security flaw can allow a malicious user to craft a URL that executes Javascript code on your website.

We estimate the security risk of this flaw to be relatively minor, however
we take all security issues very seriously. You can download patch
instructions or a complete version of Gallery including the new changes
from the Gallery download page:



http://sourceforge.net/project/showfiles.php?group_id=7130


For more information on the vulnerability, cross site scripting, and a
simple one-character-change quick fix please read the news story on the
Gallery website:



http://gallery.sourceforge.net/article.php?sid=82




regards,

Gallery Dev Team
"
Posted on Sunday, July 27 @ 22:28:18 CEST by [RETIRED]chatserv
 
Related Links
· Computer Cops
· More about Security
· News by [RETIRED]chatserv
Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED
Article Rating
Average Score: 4
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad
Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.126 Seconds - 206 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::