VULNERABILTIES
- Anonymous users can add comments without being required to log in.
SOLUTION
It is recommended that all admins upgrade to PostNuke CMS Platinum
Edition 0.761
The hash sums for the PostNuke CMS Platinum Edition 0.761 are:
MD5
4b76e09c507db0224d34fc448e7efb91 PostNuke-0.761.tar.gz
c4090097b26caa38115540e24378e9b4 PostNuke-0.761.zip
SHA1
b69d9bfabb5c8641e4b5dd9e9ee6f5803d86c41d PostNuke-0.761.tar.gz
79869b9a7003ac9046788cebad23135f68eef648 PostNuke-0.761.zip
Download from
http://downloads.postnuke.com
CREDITS
The exploit was originally discovered by Devin Hayes (InvalidResponse)
Drak [drak]
PostNuke CMS Development Team
16920