- Details
-
Published on Thursday, 26 February 2004 00:00
-
Written by MamboHut
For websites that uses SEF (search engine friendly URL) option in Mambo Open Source 4.5 (all version), it's advised that you update your includes/sef.php file as soon as possible to prevent any security preach.
attached below is a copy of the e-mail that was sent out by the development team to address this issue, click on "Read more" to continue...
Due to the latest security issue Mambo users that run Mambo with SEF turned ON and have register_globals ON should make following change to their code.
Open your includes/sef.php and find this line:
Code:
while(list($key,$value)=each($_GET)) $GLOBALS[$key]=$value;
ADD this code after that:
Code:
include( "configuration.php" );
Users that don't run SEF are not affected but even they are recommended to change this.
Mambo 4.5 Stable 1.0.3 will be out soon to reflect this change.
You have no rights to post comments
