
TemPlug Templates: Arbitrary Code Execution Vulnerability

Posted: Tue Apr 09, 2013 2:16 pm
by cmb
Hello Community,

Probably all TemPlug templates suffer from an arbitrary code execution vulnerability. I've checked that for tp_3cols_avantgardeXH, but other TemPlug templates are most likely affected as well.

I PMed Gert 2 weeks ago, but he has not yet replied. I suggest you immediately contact him for a fix. I will not publicly reveal any details, let alone the exploit I've written to confirm this issue. You can contact me by mail or PM for further information.

Christoph

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Tue Apr 09, 2013 2:37 pm
by Gert
Download new and update the folder "templug/", but without the folder "templug/data/",

Gert

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 1:46 pm
by MiHa
I don't find a link to the updated Templug.
Where is it?
(1.4 is from January 25th 2012)

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 2:01 pm
by Gert
http://www.ge-webdesign.de/cmsimpletemplates/?TemPlug

You have to update the templates, not the plugin,

Gert

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 3:06 pm
by MiHa
Gert wrote: http://www.ge-webdesign.de/cmsimpletemplates/?TemPlug
You have to update the templates, not the plugin,

Ah, thank you. I am trying out tp_float_treesXH.zip - but it was not updated (it is from 27 March 2013).

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 3:18 pm
by Gert
MiHa wrote: but it was not updated (it is from 27 March 2013).

It IS updated - I updated all templates on 27 March 2013,

Gert

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 5:17 pm
by MiHa
Great news!

I got started on the new CMSimple 4 on or right after March 27, then =)

I was on the old CMSimple a long time ago for an NGO ( www.hemundervisning.org ), and recently needed more - SO happy about the progress you are making!

Re: TemPlug Templates: Arbitrary Code Execution Vulnerabilit

Posted: Fri Apr 12, 2013 5:47 pm
by Gert
MiHa wrote: I got started on the new CMSimple 4 on or right after March 27, then =)

"On" or "right after"? ;)

I uploaded the new zip files at 2 pm in the afternoon, but in the case of "right after March 27" you surely have the new template,

Gert