I just wanted to post a quick message about the recent security vulnerability in Pixaria now that it's been dealt with. The issue relates to a single file in Pixaria's resources/includes/ directory called class.Smarty.php and it will only affect systems where the 'register_globals' setting for PHP is turned on.
The vulnerability allows a hacker to include and execute malicious PHP code over the internet which can then be used to give the hacker access to the affected web server as if they owned it.
The fix works by preventing the class.Smarty.php file from including remote files. The next update to Pixaria will feature changes to all include files to prevent them from being called or executed individually in this way.
Offline Until Monday February 6th
Sunday, January 29, 2012
Pixaria Opposes SOPA and PIPA
Wednesday, January 18, 2012
Pixaria Software Ltd.
Tuesday, January 3, 2012
Pixaria 3.7 Now Available
Monday, January 2, 2012
Active Directory support coming to Pixaria AssetDeck
Sunday, December 4, 2011
Follow Pixaria on Twitter
Sunday, November 20, 2011
Pixaria Gallery 3.6 Now Available
Monday, November 14, 2011
Pixaria Gallery 3.5 Now Available
Monday, October 17, 2011
Updated Translations Coming Soon
Wednesday, September 28, 2011
Pixaria 3.4 Now Available
Saturday, September 10, 2011