IPBSupport News 8 Report post Posted December 1, 2006 IP.Blog 1.2.4 Security Update It has come to our attention that an attack can be performed using IP.Blog version 1.2.4 and below via SQL injection. The download for IP.Blog 1.2.4 has been updated. To patch your current installation, download the attached file and upload it to (modules/blog/lib/entry_reply_entry.php) on your server. See the reply to this announcement for manual patching instructions if you do not wish to upload the entire file. Note: IP.Blog installations integrated with an IP.Board version 2.2 are not impacted due to IP.Board 2.2's new security enhancements. Quelle: http://forums.invisionpower.com/index.php?showtopic=230108 Share this post Link to post
