Magnolia

Critical exploit found in e107 CMS

By Mike Johnston January 23, 2010 News & Headlines  Comments

A critical exploit has been found in the open source CMS, e107.

The e107 team is asking that if you know someone who is running the system or if you are running it, you upgrade immediately to prevent any potential security issues from arising.

From the announcement:

We were recently informed of a very nasty exploit that, as far as we can see, affects almost all e107 0.7 releases. Everyone running e107 needs to get their sites updated as soon as possible. If you are a site owner and you are unable to upgrade for some reason (too much hacked core code), please contact me directly and I can help you with a
quick-fix.

Please get the word out to all other e107ers. If you find an e107 site out there, post on their site somewhere about this
upgrade.

We have also included an automatic update check in this release. It was in previous ones, but was based of sourceforge's rss feed, which they apparently don't want to fix. The new code will now check a file on e107.org, which will always contain the most recent e107 release information. If there is an update available, you should see a notice on your main admin screen. Depending on your admin theme, it may also appear in the left column of all admin pages.

You can download this release from e107.org


Tags: Everyone 1 cms 866 e107 7 wcm 727 update 35 site 114 announcement 28

Mike Johnston

Mike Johnston Author

I am the guy behind CMS Critic. I started it back in 2006 and we've been going strong ever since. When not traveling to conferences, I am based out of Edmonton, Alberta, Canada where I live with my beautiful wife and kids.

Stay on top of the CMS world

Sign up to get CMS Critic's weekly newsletter filled with the latest CMS Reviews, News and Views.