⚠ In case you've missed it, we have migrated to our new website, with a brand new forum. For more details about the migration you can read our blog post for website migration. This is an archived forum. ⚠

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

image crud - XSS vulnerability

Started by J-c, 22 January 2013 - 21:51 PM

Single Page

J-c

Member

Posted 22 January 2013 - 21:51 PM

Hi,

I don't know the last version of image crud but with the actual you can upload anything (.php, .exe).
And the Class ImageUploadHandler doesn't work :
You can write whatewer you want in the 'accept_file_types', you can still upload .exe or .php files.

web-johnny

Administrator
1,166 posts

Posted 26 January 2013 - 18:43 PM

Hello [member='J-c'], this bug was resolved as for version 0.6 that I just released. For more please visit: http://www.grocerycrud.com/image-crud

J-c

Member

Posted 27 January 2013 - 19:38 PM

Wow, thanks a lot web-johnny. It works fine now!!