Schoorbs 1.0.3 released
1 view
Skip to first unread message
xhochy
Jun 30, 2008, 9:57:10 AM6/30/08
to XhochY Announce
Schoorbs 1.0.3 comes with a fix for the first detected security
problem in Schoorbs ever (:-(). Despite it is a SQL injection
vulnerability, it doesn’t give the users who could exploit it any more
right since the affected code passage is only callable by
administrators. Although this is a security release, a E-Mail-Logging-
Backend is now included, so that one could be notified by mail if a
booking will be created or edited. In short this has been done:
* Added a backend for logging via E-Mail
* Fixed SQL injection vulnerability in edit_area_room.php
More: http://xhochy.org/en/2008/06/30/schoorbs-103-released/
problem in Schoorbs ever (:-(). Despite it is a SQL injection
vulnerability, it doesn’t give the users who could exploit it any more
right since the affected code passage is only callable by
administrators. Although this is a security release, a E-Mail-Logging-
Backend is now included, so that one could be notified by mail if a
booking will be created or edited. In short this has been done:
* Added a backend for logging via E-Mail
* Fixed SQL injection vulnerability in edit_area_room.php
More: http://xhochy.org/en/2008/06/30/schoorbs-103-released/
Reply all
Reply to author
Forward
0 new messages