As reported at:
http://www.securityfocus.com/bid/39858
There was a security vulnerability in our new dj-classifieds extension.
It has already been fixed.
The new version is available for download here: dj-classifieds-0.9.2.
If you're already using the dj-classifieds extension, you can fix the issue manually:
In the file components/com_djclassifieds/controller.php, near line 428, replace:
// Vulnerable version: the only acceptance test is the client-supplied MIME
// string in $pliki['type'] (the file contents are never inspected), and the
// stored name keeps the client-supplied $pliki['name'] — including its
// extension — unchanged. $pliki is presumably the $_FILES entry for the
// upload field; $images collects the stored names as a ';'-separated string.
// $this->makeimg() / makeimg_s() are defined elsewhere in this controller.
for ($i = 0; $i < count($pliki['name']); $i++) {
    // "image" prefix check on the type string the browser sent
    if (substr($pliki['type'][$i], 0, 5) == "image") {
        $nazwa = md5(microtime()).$pliki['name'][$i];; // stray second ';' is an empty statement
        $images .= $nazwa;
        $images .= ";";
        $sciezka = JPATH_BASE."/components/com_djclassifieds/images/".$nazwa;
        move_uploaded_file($pliki['tmp_name'][$i], $sciezka); // return value is not checked
        $this->makeimg($sciezka);
        if ($i == 0) {
            $this->makeimg_s($sciezka);
        } // thumbnail only for the first image
    }
}
with:
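// Store each uploaded file that decodes as an image of an allowed type.
// $pliki is presumably the $_FILES entry for the upload field; $images
// accumulates the stored names as a ';'-separated string; $this->makeimg()
// and $this->makeimg_s() are defined elsewhere in this controller.
//
// Compared with the advisory's replacement, this version (a) decides the
// type from the decoded bytes only, never from $pliki['type']; (b) builds
// the stored name entirely server-side, so the client filename cannot
// choose the extension the web server will use or carry path separators;
// (c) records a name in $images only when the file was actually stored.
$nazwy = (isset($pliki['name']) && is_array($pliki['name'])) ? $pliki['name'] : array();
// Allow-list of decoded image types (IMAGETYPE_* as returned in $s_f[2]).
$dozwolone = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
for ($i = 0; $i < count($nazwy); $i++) {
    if (!isset($pliki['tmp_name'][$i])) {
        continue;
    }
    $s_f = getimagesize($pliki['tmp_name'][$i]);
    // getimagesize() returns false for anything it cannot decode; the
    // width > 2 requirement is kept from the original fix.
    if (!is_array($s_f) || $s_f[0] <= 2 || !in_array($s_f[2], $dozwolone, true)) {
        continue;
    }
    // Random stem (collision avoidance, not secrecy) plus an extension
    // derived from the decoded type, e.g. ".png".
    $nazwa = md5(uniqid(mt_rand(), true)) . image_type_to_extension($s_f[2]);
    $sciezka = JPATH_BASE . "/components/com_djclassifieds/images/" . $nazwa;
    if (!move_uploaded_file($pliki['tmp_name'][$i], $sciezka)) {
        continue; // nothing was stored, so do not record the name
    }
    $images .= $nazwa;
    $images .= ";";
    $this->makeimg($sciezka);
    if ($i == 0) {
        // thumbnail only for the first image (same rule as the original code)
        $this->makeimg_s($sciezka);
    }
}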