PostNuke

Flexible Content Management System

News

[ News index page | News categories | News archive ]

PNSA 2006-2 - Downloads Module "hits" SQL Injection Vulnerability

Contributed by CVE Reference:

Severity


Less critical



Impact


Manipulation of data



Vulnerabilities


SQL Injection Vulnerability (when logged in as user with administrative privilages)



Credits


Omid (omid hackers ir)



Solution


Users should immediately update to 0.763. PostNuke versions 0.763 and later are unaffected.



PostNuke 0.763 Full Release Download


Download this release for new full installations.


Download (ZIP)

MD5: 13221d427059388d509176c2de77b2b1

SHA-1: d850f06e8632814faa6b1268cc2a787a50aa7cf3


Download (TAR.GZ)

MD5: 861fb337832cc86c2ac60ba0ed9de353

SHA-1: f4ba3e9e100229cd096ed1cd695f086dae46eccc



PostNuke 0.763 Patch Files Download


Only download the patched files release if you are running a pre-existing 0.762 installation.
This patch will not work with new installations or successfully patch versions earlier than 0.762.


Download (ZIP)

MD5: e81a251b952757ec919e00589fedf0c6

SHA-1: 65d7fb1e76ce1b38f82f78de2c10543c547d3019


Download (TGZ)

MD5: bfa3f432800de453653748adc2df412e

SHA-1: a77bb37b7cc4b4e6831bdf510ade915536645a59



Simon Birtwistle [HammerHead]

PostNuke CMS Steering Committee

3794
 

Content