WebsiteBaker Logo
  • *
  • Templates
  • Help
  • Add-ons
  • Download
  • Home
*
Welcome, Guest. Please login or register.

Login with username, password and session length
 

News


WebsiteBaker 2.13.9 R22 is now available!


R.I.P Dietmar (luisehahne) and thank you for all your valuable work for WB
https://forum.websitebaker.org/index.php/topic,32355.0.html


* Support WebsiteBaker

Your donations will help to:

  • Pay for our dedicated server
  • Pay for domain registration
  • and much more!

You can donate by clicking on the button below.


  • Home
  • Help
  • Search
  • Login
  • Register

  • WebsiteBaker Community Forum »
  • WebsiteBaker »
  • Security Announcements »
  • Security Patch for Module Download Gallery
  • Print
Pages: [1]   Go Down

Author Topic: Security Patch for Module Download Gallery  (Read 18340 times)

susigross

  • Guest
Security Patch for Module Download Gallery
« on: September 05, 2009, 01:26:55 PM »
Module:    
Download Gallery

Patched Version:
2.20

Download Link:
http://www.websitebakers.com/pages/modules/listings/various/download-gallery-2.php

Risk level:
Low

Risks:    
Information disclosure
Data disclosure

Description:    
  • Under certain server configurations, all versions prior to 2.20 did allow directory listings in the /media/download_gallery folder, which could allow downloads of files even from hidden pages.
  • By modifying a known download link, downloads of files even from hidden pages have been possible in all versions prior to 2.13

Suggestions:
Upgrade to version 2.20 as soon as possible

Forum links:
German: https://forum.WebsiteBaker.org/index.php/topic,12184.0.html
English: https://forum.WebsiteBaker.org/index.php/topic,15149.0.html
Logged

  • Print
Pages: [1]   Go Up
  • WebsiteBaker Community Forum »
  • WebsiteBaker »
  • Security Announcements »
  • Security Patch for Module Download Gallery
 

  • SMF 2.0.19 | SMF © 2017, Simple Machines
  • XHTML
  • RSS
  • WAP2