2007-09-12 10:39
Here are all we know bugs/exploits for Quick.Cms v1.x and v0.x #Fix 1 Quick.Cms v1.0, v0.2, v0.3 http://opensolution.org/Quick.Cms/forum/?p=readTopic&nr=132 #Fix 2 Quick.Cms v0.2, v0.3 More details about this exploit is here: http://secunia.com/advisories/22703/ If You cant update Quick.Cms to v1.x then do this few steps: 1. Edit config/general.php and find this:
if( isset( $sLang ) && is_file ( $config [ 'dir_lang' ]. $sLang . '.php' ) ){ setCookie ( 'sLanguage' , $sLang , time ( ) + 86400 ); define ( 'LANGUAGE' , $sLang ); } else{ if( isset( $_COOKIE [ 'sLanguage' ] ) ) define ( 'LANGUAGE' , $_COOKIE [ 'sLanguage' ] ); else define ( 'LANGUAGE' , $config [ 'default_lang' ] ); }
change to:
if( isset( $sLang ) && is_file ( $config [ 'dir_lang' ]. $sLang . '.php' ) && strlen ( $sLang ) == 2 ){ setCookie ( 'sLanguage' , $sLang , time ( ) + 86400 ); define ( 'LANGUAGE' , $sLang ); } else{ if( !empty( $_COOKIE [ 'sLanguage' ] ) && strlen ( $_COOKIE [ 'sLanguage' ] ) == 2 ) define ( 'LANGUAGE' , $_COOKIE [ 'sLanguage' ] ); else define ( 'LANGUAGE' , $config [ 'default_lang' ] ); }