Current Stable MDPro Lite 1.0821 
Welcome
as a registered user you have some advantages like free downloads, comments and posting on our forums, depending upon this site's configuration and options.
Forums
Documentation
MAXdev Community
Latest Comments
Re: MDContact 3
Its been a while since any new update was posted for MD... ifteba
Re: New Areafiles section
Nice move thanks Mechael
Re: Convert old modu...
iam waiting the docs & thanks for this tutorial Mechael
|
Posted by : TiMax -
Thursday, June 30, 2005
 Thanks to Andreas Krapohl [larsneo] of Postnuke Dev team we was notified about a security issue within the current MD-Pro and xmlrpc library.VULNERABILTIES- remote code injection via xml rpc library SOLUTIONIt is recommended that all admins deactivate and remove the 'xmlrpc' module within administration-modules and additionaly remove /xmlrpc.php and and the /modules/xmlrpc folder completly from the filesystem.We highly recommends to *not* use the xml rpc library until the maintainers [1] provide a secure solution. Once an updated version is available a modularized version will be provided for download as an additional module.CREDITSThe exploit has been originally found by James from GulfTech Security Research and was reported via security contact. Additionally the maintainers of the xml rpc library were contacted.[1] phpxmlrpc.sourceforge.net 
|
