9.gif
Best Blackhat Forum / Freebies / Software, Scripts, Plug-ins, Tools and Bots / release XenForo 1.3.5 nulled

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

New Reply
 
08-28-2014, 01:42 AM
Post: #1
kalle1 Offline
Member
***
Posts: 166
Joined: May 2013

Reputation: 57
release XenForo 1.3.5 nulled
This release
addresses a security vulnerability that was identified. As such, we
recommend that all customers running 1.3 upgrade to 1.3.5 as soon as
possible.

http://www35.zippyshare.com/v/89284013/file.html



The security
issue relates to XML processing. A specially crafted XML file can be
used to enact a denial of service attack or potentially read files from
the the file system. This type of vulnerability has been identified in
many other applications. In XenForo, the risk is mitigated as only
authenticated administrators may trigger the XML processing routines;
website visitors cannot directly exploit this issue. However, if you
import RSS feeds from elsewhere, these could potentially be modified to
trigger the issue. As such, we strongly recommend that you upgrade to a
patched version as soon as possible.



This release also fixes a number of bugs and issues that were found since the release of 1.3.4. Some of these include:


  • Only enqueue the mail queue once in a request to reduce possibility of deadlocks
  • Fix forum watch alerts not being sent when a thread needs to be manually approved
  • Fix thread prefix selector via Ajax in the admin control panel
  • If a media embed key contains censorted text, do not embed the media
  • Fix autolinking in basic text sources where HTML is accidentally used
  • Prevent an error in the phpBB importer when the attachment physical filename is empty/invalid
  • Fix potential error with invalid characters from an imported feed
  • When importing a feed, do not display duplicate author names
  • Remove unnecessary dependency on the discussion preview length option in the multi-quote overlay
  • Missed "not" from the facebook_did_not_provide_email phrase, changing the meaning of the text
  • Hid the "Identities" section of the contact details page if there were no custom fields that went there
  • Added bottom padding to quote text elements to prevent clipping in certain browsers/OSes
  • Fixed full screening videos where the iframe had a max-width/height specified
  • Fixed tabindex on the login form when registration was disabled
  • Hid the message about dragging multi-quote elements around when not supported

See the Resolved Bug Reports forum for further information.



The following templates have had changes:


  • account_contact_details
  • bb_code.css
  • helper_login_form
  • thread_multi_quote_overlay.css
find Quote
New Reply
 




84.gif
Contact Us | BestBlackhatForum | Return to Top | Return to Content | Lite (Archive) Mode