Dragonfly CMS v9 ⇒ Coppermine ⇒ Updating/Upgrading Coppermine to prevent exploit? ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexModules & BlocksCoppermine

Updating/Upgrading Coppermine to prevent exploit? Reply to topic


Another web guru found some information about Coppermine and let me know the following:

==============================
There is active exploit code that was posted recently that would allow someone to hack our database in the version of Coppermine Photo Gallery that we use.

I have removed the module from our system until the guys that port the code to Dragonfly update it.

If you care to read about it..


==============================
Is the information on the link legit and is there a fix in the near future?

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / MySQL Version 5.0.51a-community (client: 5.0.51a) / PHP Version 5.2.6 / Dragonfly CMS 9.2.1


There is no such issue in DF Coppermine and there never will be - your "web guru" has passed on bad advice - even so, always best to check with us Smile That was for the standalone version which occasionally has security issues.

Link removed (as is our policy).

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Last edited by Phoenix on Thu Jun 11, 2009 8:07 am; edited 2 times in total


k, thanks man

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / MySQL Version 5.0.51a-community (client: 5.0.51a) / PHP Version 5.2.6 / Dragonfly CMS 9.2.1


np - for the record, the internal DF version of CPG is at version 1.3.1.

This has also created confusion with people who then think we are behind in updates so must have some security issue - not the case.

The confusion over versions has meant that many "wanna be" hackers have wasted their time trying to apply standalone version exploits - a pita filling error logs but never successful.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

All times are UTC


Jump to: