Inadequate filtering leads to information disclosure.
Joomla! version 1.7.3 and all earlier versions
Upgrade to version 1.7.4 or 2.5.0 or higher
Reported by Erwan Peton – Intrinsec
The JSST at the Joomla! Security Center.
New feature has been added:
[+] (Windows only) Support of PHP 5.3 has been added. More details in article http://kb.parallels.com/en/113179
The following bugs have been fixed:
[-] Cross-site scripting in health monitor
[-] Web presence Builder has session identifier without HttpOnly flag
[-] Synchronization of subscription with Service Plan doesn’t work if Service Plan has disabled webhosting
[-] (Linux only) Licence key update failures aren’t logged
[-] (Linux only) Receiving DrWeb license key doesn’t work
[-] (Windows only) Cannot create MSSQL database if MySQL databases limit is 0
[-] (Windows only) Health Monitor fails to create configuraion files on Turkish Windows
The newest cPanel & WHM release, 11.30.5.6, improves Google Chrome support.
This update for cPanel & WHM resolves an issue with handling form submissions by newer versions of Google Chrome. The error affected file uploads in the cPanel File Manager for Chrome users.
cPanel & WHM 11.30.5.6 also corrects an issue with setting the eximstats database password on new installs.
We strongly recommend that all server admins update their cPanel & WHM servers immediately.
To update cPanel & WHM manually:
For More information on these issues, please visit the cPanel & WHM 11.30 Change Log.
New feature has been added:
[+] (Windows only) Support of PHP 5.3 has been added. More details in article http://kb.parallels.com/en/113179
The following bugs have been fixed:
[-] Cross-site scripting in health monitor
[-] Web presence Builder has session identifier without HttpOnly flag
[-] Synchronization of subscription with Service Plan doesn’t work if Service Plan has disabled webhosting
[-] (Linux only) Licence key update failures aren’t logged
[-] (Linux only) Receiving DrWeb license key doesn’t work
[-] (Windows only) Cannot create MSSQL database if MySQL databases limit is 0
[-] (Windows only) Health Monitor fails to create configuraion files on Turkish Windows
WordPress.org is officially joining the protest against Senate Bill 968: the Protect IP Act that is coming before the U.S. Senate next week. As I wrote in my post a week ago, if this bill is passed it will jeopardize internet freedom and shift the power of the independent web into the hands of corporations. We must stop it.
On January 18, 2012 many sites around the web — from small personal blogs to internet institutions like Mozilla, Wikipedia, reddit, and I Can Has Cheezburger? – will be going dark in protest and to drive their visitors to sites like americancensorship.org to take action and help fight the passage of the Protect IP Act. So will WordPress.org.
If you want to join the protest by blacking out your WordPress site or applying a ribbon, there is now a variety of blackout plugins in the WordPress.org plugins directory. While joining the protest in this manner is laudable, please don’t forget to also make those phone calls to U.S. Senators — they’re the ones with the voting power.
50 queries. 8.75 mb Memory usage. 0.257 seconds.