Critical Vulnerability: Web Auction <= 0.3.6

A place to discuss and receive support for the Web Auction application.

Critical Vulnerability: Web Auction <= 0.3.6

Postby secpod_research_team » Wed Aug 03, 2011 1:47 am


SecPod research team member has found security vulnerability in Web Auction.

Presently reported in Bug Tracker (Above given "Bug Tracker" link), bug id is : 786
Please let us know is it a proper place or do I need to submit the details in some other place.

Waiting for the response.

Thank you,
SecPod Research Team
Posts: 2
Joined: Wed Aug 03, 2011 1:38 am

Re: Critical Vulnerability: Web Auction <= 0.3.6

Postby shannah » Wed Aug 03, 2011 1:15 pm

Please either:
1. Update to WebAuction 0.3.7 or later


2. Update the dataface directory of your existing install to use Xataface 1.3rc5 or later (or 1.1.6 if you are still on PHP 4).

This will resolve the issue.
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Return to Web Auction Discussion

Who is online

Users browsing this forum: Bing [Bot] and 2 guests

Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved