PopnupBlog XOOPS Module RFI Vulnerability
4
That was combine "contamination" and "Remote File Inclusion" attack. If you use PHP as "register global on" and "allow url fopen on", fix it or update to V3.13 ASAP.
How to fix:
popnupblog/class/sendmail.php (line 26)
----INSERT BELOW
$incpath = XOOPS_ROOT_PATH."/modules/popnupblog/";
----INSERT END
Download:
Download V3.13 from bluemooninc.biz
Comments (0)
Newest first |
Oldest first |
Nested view |
