DynPG Update 4.2.1 with error, new release from 23th November - dynpg: Websites einfach gepflegt mit diesem Content Management System

- = +

DynPG Update 4.2.1 with error, new release from 23th November

Launched new release candiate as of 2010-11-23. Download changed Files here if Version 4.2.1 is allready installed.

bugfix: hide internal include file path on require error
bugfix: file inclusion vulnerability in SetParam_Plugin_Language because of missing get parameter sanatizing.
bugfix: fixed mysql injection vulnerability.
bugfix: escape_string with real_escape_string.
bugfix: realescape string password and systemname.
bugfix: fixed several vulnerabilities (noticed by High-Tech Bridge SA HTB22701 - HTB22703).
bugfix: add slashes to subarrays inside _POST, too.
added: new Template var Listing_Empty in write_allArticles().
added: slashed article fields for php functions within template to avoid parsing errors! $#PHP !empty('{$TITLESLASHED}') # if TITLE contains ' unslashed will fail!
bugfix: notLike match as corrected, since it has been used twice inside match4.
update: tcpdf class to 5.9.
bugfix: mediabrowser popup.
bugfix: reduced fading time for loading effects.