|Description:||Zogo v1.16 Build 15 - Security vulnerability bugfix release
This is a bugfix release related to the SQL Injection vulnerability in products.php
Everybody is advised to upgrade to this version
to avoid the SQL injection vulnerability.
This security vulnerability is already there since version 1.15.5 as it seems, so i again stress here it is really important to upgrade to this very last version.
Bugfixes in this release.
- Fixed the SQL injection Vulnerability bug in products.php
Seems this bug was already there since 1.15.5, and was mentioned on the Secunia website. You can find the report here... http://secunia.com/advisories/30232/
- Fixed the br-problem in admin_product_class.php
So it's now again possible to use normal html for the description of the product
- Fixed the Powered By Link
I think this was also a very old bug that had never been fixed, but hence it's fixed now
- Fixed the version in the plugin file
This was something i forgot to increase very often, i will try to keep more attention on that
Have fun with this release.
|Released:||07 Jul 2008 : 05:44AM|
|Requirements:||e107 v1 or higher|