[geeklog-announce] Security alert: Webservices exploit
Dirk Haun
dirk at haun-online.de
Thu Apr 9 15:59:40 EDT 2009
Another SQL injection exploit has been published, this time targetting
the Webservices API in Geeklog 1.5.x (earlier versions are not affected).
We will be releasing an update ASAP, but in the meantime, you can secure
your site by disabling the Webservices in the configuration:
Configuration > Geeklog > Miscellaneous > Webservices
For more information, see
http://www.geeklog.net/article.php/webservices-exploit
--
http://www.geeklog.net/
http://geeklog.info/
More information about the geeklog-announce
mailing list