Censura 1.16.04 Released

[Darren]

This release of Censura fixes an SQL injection flaw when browsing vendor details. We recommend all customers running previous versions of Censura upgrade to v1.16.04 as soon as possible.

As well as this urgent fix, the latest version also adds a number of improvements and fixes for PHP 5.1.x and PHP 5.2.x


Full Upgrade
The latest version is available from the Censura License Centre.


Patch File
A patch is available for the security issue, and is available free to all customers, even if your updates package has expired.

To patch your existing installation, download the zip archive at the end of this post. Extract the zip archive, then connect to your web server using FTP and overwrite the following files using the replacement versions from the zip.

• includes/funcs_vendors.php

If you are unable to download this file, please send a ticket to support with details of your license number so that your forum usergroup can be updated (we will be releasing an automated forum usegroup upgrade shortly).

[Darren]

/includes

• adminfuncs_reviews.php
• funcs_browse.php
• funcs_vendors.php
• funcs_items.php
• funcs_hall-of-fame.php

/admin

• ratings.php
• suggestions.php
• reviewfields.php

/core

• funcs.php
• init.php