Security Vulnerability Fixed

Posted on Sunday, April 15, 2007

Users have reported a security vulnerability in Pixaria that can be exploited if PHP's register_globals setting is turned on.

My current advice is for everyone to upgrade to the newly released version 1.4.3 or, if that's not possible, to install this patched file, class.Smarty.php.zip, into resources/includes on your current installation.

For reference, the Pixaria installation documentation has been updated with information on how to prevent malicious access to Pixaria's 'include' and 'libraries' scripts. This can easily be prevented by creating a text file called .htaccess with the following text in it:


Order Deny,Allow 
Deny from all 

This file should then be uploaded to:

- /resources/incoming/
- /resources/library/
- /resources/includes/
- /resources/pixies/
- /resources/smarty/

To test whether this is working on your site, browse to these directories using your web browser like this:

http://www.mysite.com/pixaria/resources/includes/

You should get an error message and an access denied warning.
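
The procedure above as a script, added here as an example and not part of Pixaria or its documentation: `protect_dirs` writes the two-line .htaccess into the five listed directories under a Pixaria root, and `check_http` requests each directory and expects HTTP 403. The function names, and the choice to leave an existing .htaccess with other content untouched, are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Pixaria's own code. Function names are assumptions.
# Usage: protect_dirs /path/to/pixaria && check_http http://www.mysite.com/pixaria
PIXARIA_DIRS="resources/incoming resources/library resources/includes resources/pixies resources/smarty"

# Create the deny-all .htaccess in each listed directory under $1.
# An existing .htaccess is never overwritten: it is reported as OK if it
# already denies access, otherwise flagged for manual review.
protect_dirs() {
    root=$1; rc=0
    for d in $PIXARIA_DIRS; do
        f="$root/$d/.htaccess"
        if [ ! -d "$root/$d" ]; then
            echo "MISSING $root/$d" >&2; rc=1
        elif [ ! -e "$f" ]; then
            printf 'Order Deny,Allow\nDeny from all\n' > "$f"
            echo "WROTE   $f"
        elif grep -qi '^[[:space:]]*deny from all' "$f"; then
            echo "OK      $f"
        else
            echo "REVIEW  $f (exists, no 'Deny from all')" >&2; rc=1
        fi
    done
    return $rc
}

# Only 403 shows the rule is applied. 200 means the directory is still
# served, for example when the server is configured to ignore .htaccess.
classify_status() {
    case $1 in
        403) echo protected ;;
        200) echo exposed ;;
        *)   echo unknown ;;
    esac
}

# Request every protected directory below base URL $1 and report the verdict.
check_http() {
    base=$1; rc=0
    for d in $PIXARIA_DIRS; do
        code=$(curl -s -o /dev/null --max-time 10 -w '%{http_code}' "$base/$d/" || true)
        verdict=$(classify_status "$code")
        echo "$verdict $code $base/$d/"
        [ "$verdict" = protected ] || rc=1
    done
    return $rc
}
```
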

