Author Topic: Security fixes  (Read 4970 times)

Fred Stuurman

  • Forumbeheerder
  • Held
  • *****
Security fixes
« on: 6 July 2011, 18:45:38 »
This zip contains fixes for the following vulnererabilities:

Vulnerability ID:   HTB22899
http://www.htbridge.ch/advisory/path_disclosure_in_syndeocms.html

Vulnerability ID:   HTB22900
http://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_syndeocms.html

Vulnerability ID:   HTB22902
http://www.htbridge.ch/advisory/xss_in_syndeocms.html

Please install the zip and it is important to delete starnet/addons/logging.php it is not needed anymore and is vulnerable.
With kind regards, Fred Stuurman
Main developer Syndeo CMS

Fred Stuurman

  • Forumbeheerder
  • Held
  • *****
Re: Security fixes
« Reply #1 on: 13 July 2011, 08:03:56 »
This zip contains a fixe for the following vulnererability:

Vulnerability ID:   HTB22901
http://www.htbridge.ch/advisory/sql_injection_in_syndeocms.html

It is cumulative, so the zip contains also the fixes described above!
With kind regards, Fred Stuurman
Main developer Syndeo CMS