News » 16.10.2009 - phpDenora SECURITY release
It has come to our attention from bubby (from the 6667.eu network) that phpDenora has an SQL injection vulnerability. All 1.2 versions up to 1.2.3 and 1.4 versions up to 1.4.2 are believed to be vulnerable.
Please upgrade ASAP to 1.4.3 (for php 5.2 and 5.3) or 1.2.4 (if you're still stuck with old php versions) .
After upgrading, please take the following measures:
- Change all your denora admin passwords
- Make sure you change your ircop passwords as well, if they happen to be the same
Even if you think your admin passwords are safe, you NEED to upgrade phpDenora in order to avoid database corruption.
I can't stress it enough: upgrade phpDenora NOW.
Please accept my apology for this screwup :(