The proof of concept could lead to an SQL injection.
To fix the vulnerability on older versions we are releasing a patch file. The patch file should be placed in your
The security patch file can be downloaded from: /includes/extra_configures/security_patch_notify_20190707.php
(right click and "save link as")
or use the attachment below.
Note 1: We have only tested the patch going back to v1.3.8. Use of the patch on prior versions is not guaranteed.
Note 2: The security patch has been directly incorporated into v1.5.6c (released today) and also the v1.5.7 development branch. There are no
adverse consequences from having the security patch file in either of these versions.
Contact Older post