Sep 03, 2010 | 06:25 PM  
Welcome

Don't have an account yet? You can create one, it is free, just click here

as a registered user you have some advantages like free downloads, comments and posting on our forums, depending upon this site's configuration and options.

 • •  Control Panel - Register - Login  • • 
Search site | Areafiles | About MDPro | MDPro features | Site map
Current Stable MDPro Lite 1.0821 Download
Welcome
Download MDPro package

Home | News | Releases News | MAXdev News | Support and Security News | Development News | PDA News
Forums
Documentation
MAXdev Community
Latest Comments
  Re: MDForum security fix
Thanks for the fixed! auctions antiques ...
aubreehill
  Re: MDPro 1.083 RC r...
thanks for the realeased! mac to ipod ...
aubreehill
  Re: Security fix for...
i think those black mailers are just jealous of what yo...
aubreehill
Support and security : Arbitrary SQL code execution via adodb
Posted by : TiMax - Tuesday, January 10, 2006
Security
The MAXdev CMS Development Team was notified by Andreas Krapohl [larsneo] about an exploit discovered by secunia.com that is a vulnerability in the adodb database abstraction layer.
VULNERABILTIES Arbitrary SQL code execution via adodb (when db-user is 'root' without password)


SOLUTION It is recommended that all admins check for the following file and remove it if found: pnadodb/server.php
The main MD-Pro packages have been updated.
CREDITS The exploit was originally discovered by Secunia (http://www.secunia.com), additional information was provided by Maksymilian Arciemowicz (http://www.securityreason.com)MAXdev Team


   Printer friendly page  

Hosted by MAX s.o.s.
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©2004~2006 MAX s.o.s.
You can syndicate our news using the file backend.php
Terms of use    Privacy policy