PopPhoto Studio has been updated to patch a serious security vulnerability that could leave a server open to being compromised by malicious attackers by using a specially designed URL to include and execute remote PHP code.
Full details of the vulnerability are described in the Secunia security advisory SA SA20087 published on the 15th of May 2006.
The vulnerability only affects servers where the PHP configuration setting register_globals is turned on. PopPhoto does not require this value to be on and all users are advised to turn it off where possible in addition to applying the new security patch.
An updated version of PopPhoto (version 3.6.1) can be downloaded from the PopPhoto version history page which also provides details of the bug and a link to the file change log where you can see which file has been updated.
This security vulnerability is specific to PopPhoto Studio and does not affect Pixaria Gallery.
del.icio.us Digg itMore E-mail Problems
Thursday, July 2, 2009
Minor Pixaria Update
Tuesday, June 30, 2009
Pixaria Hosting Offer
Tuesday, June 23, 2009
Pixaria 2.6.2 Now Available
Monday, June 22, 2009
How to get a vCard file onto an iPhone
Sunday, June 21, 2009
Counting Code
Thursday, June 4, 2009
Spanish Localisation Now Complete!
Thursday, May 21, 2009
Pixaria 2.6.1 Now Available
Monday, May 18, 2009
Pixaria Roadmap Update
Tuesday, May 12, 2009
Pixaria 2.6 Service Pack
Monday, May 11, 2009
In association with Amazon, here are some great book recommendations to help you get started using Pixaria Gallery and support continued development - all at the same time!
