 Dear friends, DataLife Engine version 9.0, release is on testing and preparation, but for now we suggest you read the information about what awaits you with a new version. In this release, we introduce new JS script framework, new features in the templates to implement your ideas, new opportunities for video player, new mechanisms to fight spammers and much more, but everything in detail ... Problem: User is allowed to upload files to server (no pictures), may go beyond the permitted download folder, and if he has the administrator account, then interrogate the script. Error in version: All Versions The degree of danger: Medium (High if the administrator account are online) Distribution version 8.5 has been updated. Problem: Under certain conditions, your site can be attacked XSS. Attacker can steal cookies; browser if administrator use outdated browser. So he can access to authorized area. View more about XSS : http://en.wikipedia.org/wiki/Cross-site_scripting Affected version: 7.x - 8.5 The degree of danger: Low Download the patch and copy to your own server patch: dle7_85_path.zip This patch applies to all versions: 7.x - 8.5 |
Updates Yandex SEOUpdates Yandex searchUpdates Yandex CatalogueUpdates Google
Google: datalife engine Google: telecharger dle engine 9.4 francais Google: dle static page link Google: what is datalife engine demo Google: t Google: how to increase height of textarea
Dle templates English