osCmax v2.5 User Manual
Results 1 to 1 of 1

osCMax v2.0.3 Security Update Released

This is a discussion on osCMax v2.0.3 Security Update Released within the Announcements forums, part of the osCmax News and Announcements category; A vulnerability has been discovered in osCMax v2.0.2 that does not properly sanitize output. This allows an attacker to change ...

      
  1. 07-01-2009, 10:14 AM #1
    michael_s
    michael_s is offline
    osCMax Developer

    michael_s's Avatar
    Join Date
    Jul 2002
    Location
    Phoenix, AZ
    Posts
    19,824
    Donation Award 
    Rep Power
    568

    Default osCMax v2.0.3 Security Update Released

    A vulnerability has been discovered in osCMax v2.0.2 that does not properly sanitize output. This allows an attacker to change the url string and inject malicious code.

    osCMax v2.0.3 has been posted to the download page and the fixes are also present in SVN trunk and the v2.1 branch.

    It is recommended that all osCMax users update their sites with this patch. All versions of osCMax are vulnerable, including all prior versions of v2.0x.

    Download the zip file and replace /admin/includes/application_top.php with the contained file. That is all that needs to be done. Note that this patch has only been tested on v2.0.2 but should work with all v2.0x versions of osCMax.
    Attached Files Attached Files
    Michael Sasek
    osCMax Developer

    osCmax Installation Service     - Have our professionals install osCmax on your server - same day service!
    osCmax 2.5 User Manual - the must have beginners guide to osCmax v2.5

    Stay Up To Date with everything osCMax:
    Free osCmax Newsletters - Security notices, New Releases, osCMax News
    osCmax on Twitter - Up to the minute info as it happens. Know it first.

    osCmax Documentation
« Full usable demo on line | osCMax v2.0.15 Released Today! »

Similar Threads

  1. osCMax Security Update - XSS flaw patched
    By michael_s in forum Announcement Discussions
    Replies: 20
    Last Post: 03-31-2009, 12:45 PM
  2. osCMax Security Update - Arbitrary Upload Exploit
    By michael_s in forum Announcement Discussions
    Replies: 16
    Last Post: 09-29-2008, 09:25 AM
  3. osCMax 2.0RC2 Security Patch/Update 051112
    By wilde-uk in forum osCmax v2 Installation issues
    Replies: 5
    Last Post: 04-12-2006, 07:45 PM
  4. osCMax 2.0RC2 Security Patch/Update 051112
    By michael_s in forum Announcements
    Replies: 0
    Last Post: 11-27-2005, 09:12 AM
  5. MS2-MAX 1.5.5 BTS UPDATE RELEASED
    By michael_s in forum osCmax v1.7 Announcements
    Replies: 0
    Last Post: 11-23-2003, 09:27 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules