miniBB Support Forums | 16 years on The Web
miniBB ®


 | Begin | Register | Reply | Search | Statistics | File Bank | Manual |
Tidings miniBB Support Forums / Tidings /   

RSS addon update - file inclusion vulnerability fix

Author Paul
Lead Developer
#1 | Posted: 13 Jun 2007 12:56 | Edited by: Paul 
For those who are using RSS addon, we recommend to install the patch which fixes so known vulnerability when register_globals in PHP is set to ON.

If register_globals is set to OFF, or if you are using Premoderation addon, you don't need to worry.

Else modify the file rss2.php and paste this line BEFORE the line which declares the setting called $premodDir (commented by default):

if(isset($premodDir)) unset($premodDir);
//$premodDir='./shared_files/'; /* If you are using premoderation addon, set/uncomment this option to not display pending messages in the RSS feed. */

Thanks to our user kazim09 who has been reported this issue.

Tidings miniBB Support Forums / Tidings /
 RSS addon update - file inclusion vulnerability fix
 Share Topic's Link

Your Reply Click this icon to move up to the quoted message

Post as a Guest, leaving the Password field blank. You could also enter a Guest name, if it's not taken by a member yet. Sign-in and post at once, or just sign-in, bypassing the message's text.

Before posting, make sure your message is compliant with our forum posting rules. If not, it may be locked or deleted with no explanation.


miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Check out the Captcha add-on: protect your miniBB-forums from the automated spam and flood.