Photopost vbulletin gallery releases update
by Brian Turner
The developers of Photopost, the popular image gallery addon for vbulletin, have released a new version of Photopost Gallery.
This is due to an exploit that affects all versions of PhotoPost vBGallery prior to 2.4.2 but does not affect PhotoPost Pro, ReviewPost, or PhotoPost Classifieds.
This is due to a new exploit that hackers have created in order to upload and attempt to execute php scripts on a webserver using vBGallery.
The exploit essentially involves uploading a PHP script disguised as an image file, using a filename that contains a “.php.gif”, “php.wmv” or a similar file extension in order to manipulate or trick the Apache webserver into executing the script as a PHP program.
Ultimately, this is a security flaw in the Apache webserver and has the potential to affect any software that handles user file uploads, not just vBGallery, but Photopost have patched vBGallery and released 2.4.2 to prevent this issue from occuring.
Click here to discuss this: Security Forums
Related posts to "Photopost vbulletin gallery releases update":
- Microsoft Releases TCP Patch
- Microsoft Releases The MS08-002 Update
- Adobe Issues Flash Update
- Delay Update Of FISA Act
- Excel patch updated by Microsoft
Previous: « Yoggie introduces USB firewall
Next: Microsoft SP3 blocks some current CorelDraw files »
Visited 32899 times, 5 so far today