Questo è importante e lo segnalo
FacileForms 1.4.7 Security Release
Written by Peter Koch
Thursday, 28 September 2006
Image
A cross-site scripting vulnerability has been identified and fixed in the FacileForms 1.4.7 Security Release. The vulnerability required either PHP's register globals to be enabled, or the RG_EMULATION setting of Joomla/Mambo to on (1) which is unfortunately the default in current joomla and mambo installations. If both register globals as well as RG_EMULATION are off, the exploit was not possible.
It is advised to upgrade to 1.4.7 ASAP, and for your own safety also turn off register globals and RG_EMULATION. FacileForms 1.4.7 is available now in the Download Section, and there is a patch available for 1.4.6g as well.
Significa che è stata rilevata una falla di sicurezza che richiede rg_emulation on che sfortunatamente joomla e mambo hanno di default attivato.
se register globals e rg_emulation sono off non c'è nessun problema.
magari cercherò di integrarlo nel file di download appena torno da Miami.
scusate il ritardo.
