XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module troubleshooting 
  4.  / Possible security leak in ibrowser and imanager for tinyeditor
Register
1
frankblack
Possible security leak in ibrowser and imanager for tinyeditor

  • 2007/1/16 20:42

  • frankblack

  • Just can't stay away

  • Posts: 830

  • Since: 2005/6/13


A user reported a possible vulnerability in ibrowser and imanager through the use of phpThumb. The phpThumb version used in these plugin were a bit older, but much younger than the latest security report on phpThumb. imanager and ibrowser are now using phpThumb 1.76.

For those already using ibrowser or imanager: just remove the old folder phpThumb within imanager or ibrowser (with subfolders) and upload the new one.

I wasn't able to reproduce the bug and did not found new security leaks, but I wanted to be sure, so this is why I was taken action.

Don't forget to set chmods as described in the documentation.

phpThumb patch can be found HERE

Repacked ibrowser can be found HERE

Repacked imanager can be found HERE

Sorry for the inconvenience!

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

468 user(s) are online (77 user(s) are browsing Support Forums)

Members: 0

Guests: 468

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Oct 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits