Downloads and Weblinks Vulnerability patch with Theme select for logos Date: Thursday, October 09 @ 15:19:53 CEST Topic: Bug Fixes Recently a sql injection vulnerability has been reported that relates to the Downloads and Web Links modules where an admin account can be created by passing a sql line through the $cid variable, i have patched both modules not only to block this code to be passed through the $cid variable but on all similar variables as well, patch your websites. Same fix chatserv has written i just updated it for 6.9 and the theme select option to use the Web logo or The Down logo for each theme. Download here for 6.9 Telli http://codezwiz.com This article comes from NukeCops http://www.nukecops.com The URL for this story is: http://www.nukecops.com/modules.php?name=News&file=article&sid=797