راهنما
نسخه 3.0.5 منتشر شد. در این نسخه برخی از باگ ها سیستم در قسمت آدرس دهی رفع، توسعه بخش امنیتی و کلا ارتقا امنیت سیستم و بهبود هسته انجام شده است.
جزییات بیشتر به نقل از سایت IPS :
نقل قول
Major Changes Since 3.0.4
Among many dozens of smaller bugs fixed and performance improvements, the following security enhancements were made:
* SQL and local file include issue fixed. Note: Due to protection within the SQL driver classes, it is very difficult to effectively exploit IP.Board using this attack. Also you need moderator permissions to perform any exploit. We've hardened this code regardless. Also, due to the input cleaning functions IP.Board uses, the local file include is limited to PHP files on the file system as the usual 'null byte' trick is ineffective.
* Internet Explorer XSS Issue due to incorrect attachment handling fixed
Among many dozens of smaller bugs fixed and performance improvements, the following security enhancements were made:
* SQL and local file include issue fixed. Note: Due to protection within the SQL driver classes, it is very difficult to effectively exploit IP.Board using this attack. Also you need moderator permissions to perform any exploit. We've hardened this code regardless. Also, due to the input cleaning functions IP.Board uses, the local file include is limited to PHP files on the file system as the usual 'null byte' trick is ineffective.
* Internet Explorer XSS Issue due to incorrect attachment handling fixed
جزییات بیشتر :
http://community.inv...d-305-released/
