Pixaria Software
PopPhoto Studio security update
Posted on Thursday, May 18, 2006PopPhoto Studio has been updated to patch a serious security vulnerability that could leave a server open to being compromised by malicious attackers by using a specially designed URL to include and execute remote PHP code.
Full details of the vulnerability are described in the Secunia security advisory SA SA20087 published on the 15th of May 2006.
The vulnerability only affects servers where the PHP configuration setting register_globals is turned on. PopPhoto does not require this value to be on and all users are advised to turn it off where possible in addition to applying the new security patch.
An updated version of PopPhoto (version 3.6.1) can be downloaded from the PopPhoto version history page which also provides details of the bug and a link to the file change log where you can see which file has been updated.
This security vulnerability is specific to PopPhoto Studio and does not affect Pixaria Gallery.
del.icio.us Digg itComments for this article
blog comments powered by DisqusRecent Entries
dConstruct 2010 - Brighton
Wednesday, September 1, 2010
Pixaria Gallery 2.9.3 Released
Thursday, August 26, 2010
Pixaria Gallery 2.9.2 Released
Wednesday, August 18, 2010
More Image Colour Tagging
Thursday, August 12, 2010
Image Colour Tagging
Tuesday, August 10, 2010
Pixaria Gallery 2.9.1 Released
Tuesday, July 27, 2010
Pixaria Forum Updates
Tuesday, July 6, 2010
Pixaria Gallery 2.8.8 Released
Sunday, July 4, 2010
Upgrades and Support FAQ
Thursday, July 1, 2010
Pixaria Support Extensions Now Available
Wednesday, June 30, 2010
