Thanks, I went ahead and upgraded my server, even though
it is a pain in the $%@!
Thanks for pointing this out!
On Friday 01 March 2002 07:13 pm, you wrote:
> Jeff, there's a description of it here:
>
> http://security.e-matters.de/advisories/012002.html
>
> At 10:35 AM 2/28/02 -050
Jeff, there's a description of it here:
http://security.e-matters.de/advisories/012002.html
At 10:35 AM 2/28/02 -0500, you wrote:
Gregg,
What was the vulnerability? I allow people to upload and download via
PHP scripts on my web site, and probably should tighten up my security...
-
The upload page has been restored to the upload gallery.
http://www.???/discussion/
For those interested in the details, a major security hole was discovered in
the PHP scripting language that is used throughout the Pinhole Visions web
site. The bug was in the file upload functions
Gregg,
What was the vulnerability? I allow people to upload and download via
PHP scripts on my web site, and probably should tighten up my security...
-Jeff
On Thu, 28 Feb 2002, Gregg Kemp wrote:
> Hi all,
>
> I have temporarily disabled the ability to upload a file to the list's
> "upload"