Security exploit found in .617x versions of e107
Unfortunately another hole has been found in the .617x tree of e107.
Unfortunately another hole has been found in the .617x tree of e107. This is a rather severe problem and needs to be taken care of
immediately.
A fix is posted on sourceforge:
http://prdownloads.sourceforge.net/e107/e107v0.6174.zip?downloadA link can also be found on the download page of this site.
Overwrite your existing files with these, please make backup first. This also fixes a small error in .6172 fix, nothing major. You can also just delete your e107_files/reset
core.php if you like. This file is only needed if you have some sort of corruption with your site and need to reset your core database settings.
We appreciate everyone alerting us to this exploit and are commited to fixing any security related problems with this version.
NOTE: As reported on secunia, the last fix barely fixed anything. SweetAs was kind enough to code up a real fix for me today. I've tested it and should be MUCH better, thanks SweetAs.
The download links have been updated. Everybody must update again, sorry for the inconvenience.