[pLog-svn] Please update your templateeditor plugin asap
Oscar Renalias
oscar at renalias.net
Thu Feb 22 17:09:14 EST 2007
You should have told us right away. We had sort of a justification
for the security issue that resulted in LT 1.1.6 released (you had to
know that "trick" to get it to work), but these ones are just
embarrassing.
On 23 Feb 2007, at 00:09, Matt Wood wrote:
> Hah, I forgot about that one. That has been around since that
> plugin came out. I kinda disregarded it because you had to be
> logged in and pLog wasn't so multi-user back then.
>
> Good 'ole directory traversals.
>
> -Matt
>
> On 2/22/07, Oscar Renalias <oscar at renalias.net> wrote: http://
> www.lifetype.net/blog/lifetype-development-journal/2007/02/22/
> critical-security-issues-found-in-the-templateeditor-plugin
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
More information about the pLog-svn
mailing list