donators

n@work Internet Informationssysteme GmbH
Your ad here

sponsors

TYPO3 Blog
TYPO3 Anbieter

My iPhone Apps


Get PwGen now for FREE in AppStore

Get PwGen Pro in AppStore

support @ Amazon

If you like to support this site and you want to by something at Amazon, please use this link for purchasing your desired items. This does not cost you anything more than the normal price but I got a small revenue from your order.
Thank you!

Advertising

print page print page

Multiple vulnerabilities in extension ve_guestbook

By: Thomas

02.08.07 09:35 Age: 1 yrs

Once again a security hole was found in a third party extension. This time the affected extension is ve_guestbook. The security bulletion says the following:

Some versions of the extension are exposed to SQL injection because they fail to properly sanitize user-supplied input. Besides that, some versions are not preventing Cross Site Scripting attacks properly.

It's highly recommend to update to version 2.0.0 which is available from the TER. Especially the timtab bloggers out there sould update asap!

 

Greets,

Thomas

Related News:
 Two new secutrity reports - 17-07-07 07:17
 Security Bulletin: civserv - 12-07-07 12:42
Links:

TYPO3 Security Bulletin 20070801-1


Please leave a comment

Back to: Blog

Leave a Reply

You have to activate JavaScript to post comments!

Calendar

August 2007
M T W T F S S
« Jul   Sep »
 1020345
60789101112
13141516171819
20212223242526
2728293031  

Tagcloud

personal t3board page TYPO3 installer podcast t3editor community development web

Latest comments

  • paul blondiaux

    Waouuu ! Great, 1000 thanks, THomas. I'm already having great fun trimming the app. ;)...

  • paul blondiaux

    Waouuu ! Great, 1000 thanks, THomas. I'm already having great fun trimming the app. ;)...

  • Thomas

    Hi, lottery closed. Tremendous number of attendees... ;-) Winners should have their licenses in t...

  • Holger Gebhardt

    I was really happy to find this nice tool, over your blog. i used keepassx, but its really uncomfort...

  • Firma

    Could anybody tell me where I can get more about setting Smarty with Eclipse ?

Blogroll

Advertising

Meta







Valid XHTML 1.0 Strict
Valid CSS!