-
If curl init fails there is no catch , errors cascade.
```
Warning: curl_init() has been disabled for security reasons in /srv/disk12/1467472/www/carpets.s-z1.com/admin/inc/template_functions.php on …
-
Apparently the format:
(%nanoslider kind= .... only works in the main content of GetSimple.
I tried to use I18N Custom Fields to create a field (tried wysiwyg and text) above my main content area be…
-
rework front end loading and initialization, and all definitions.
-
_Original author: aquinadie (June 10, 2011 07:22:59)_
Hi all,
recently I've discovered a security problem on admin login form (*). Neither of all variables passed on URL are sanitized and it could b…
-
GetSimple's API returns link to old (roog's 2.2.4) version of News Manager in backend plugin management page, as it is based on the plugin's file name (_news_manager.php_, same for both).
Also and bec…
-
_Original author: tablatronics (July 23, 2012 14:46:20)_
reset password functionality exposes users to denial of service.
Anyone can reset the password of a known user name.
We should add a challen…
-
Apache v2.4 is now appearing in the wild. There are some steps that need to be taken to ensure compatibility, particularly with .htaccess Deny and Allow directives.
Apparently, hosting providers may …
-
The source of the admin login page includes GS and jquery version numbers, e.g.:
```
```
-
I hope this is issue self-explanatory.
-
logging class corrupts xml files by saving invalid xml for utf-8 / cryllic strings.
``` php
Warning: SimpleXMLElement::__construct(): Entity: line 2: parser error : Input is not proper UTF-8, indicat…