<<< Date Index >>>     <<< Thread Index >>>

Re: TYPO3 3rd party extension (cmw_linklist) SQL Injection vunerability



On Thu, Mar 03, 2005 at 05:08:30PM -0000, Fabian Becker wrote:
> Maybe someone will find a way to exploit this one in a
> maliceous way so get typo3 to update it's software!

Maybe someone will learn to use bug tracking systems for that
matter. :)

http://bugs.typo3.org/bug_view_advanced_page.php?bug_id=0000857

----------------------------------------------------------------------
 xonx - 04.03.05 13:52 CET
----------------------------------------------------------------------
An updated version (1.4.2) of the extension has been uploaded to TER and
can be found on http://typo3.org/extensions/repository/list/cmw_linklist/
or via Extension Manager.
All users of this extension are strongly advised to immediatly update this
extension.
(latest patch is attached)

-- 
 ---- WBR, Michael Shigorin <mike@xxxxxxxxxxx>
  ------ Linux.Kiev http://www.linux.kiev.ua/

Attachment: pgpzQfPN3YqAZ.pgp
Description: PGP signature