Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum https://www.tinywebgallery.com/forum/ |
|
is version 2.5.4 joomla_flash_uploader security risk https://www.tinywebgallery.com/forum/viewtopic.php?f=12&t=2857 |
Page 1 of 1 |
Author: | videovic [ 6. Jan 2011, 07:58 ] |
Post subject: | is version 2.5.4 joomla_flash_uploader security risk |
is version JFU 2.1.2, the latest download on the site, newer than the one i have on my site already? the one on my site is V 2.5.4. my joomla sites have been listed on the CBL email block list because of software listed in the listing here for flash uploader joomlaexploit.com/ as a result all users on the ip have blocked emails for hotmail etc. do i need to remove the uploader or am i secure with V 2.5.4 thanks vic in toronto |
Author: | TinyWebGallery [ 6. Jan 2011, 13:50 ] |
Post subject: | Re: is version 2.5.4 joomla_flash_uploader security risk |
Hi, JFU is NOT listed here: http://joomlaexploit.com/ There are a couple of other components listed which have expoits in their upload (and even the Joomla core). And the current version is 2.12.1 which is of course newer than 2.5.4. But you should update because of a different parameter handling in Joomla. See: http://www.tinywebgallery.com/en/tfu/web_jfu.php#dl - Michael |
Page 1 of 1 | All times are UTC + 1 hour [ DST ] |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |