Directories and Rewrite rules

Posted by: on Jan 24, 2012 in Bug Fix, Security | No Comments
Directories and Rewrite rules

Lazyest Gallery 1.1.8 and 1.1.8.1 fixes some serious directory issues for installs on Windows Server using UNC file paths. This release also eliminates a potential security risk in the Admin area.

Read More

Important security update!

Posted by: on Mar 11, 2011 in Bug Fix, Lazyest Gallery, Security | 5 Comments
Important security update!

Lazyest Gallery 1.0.29 or lower contains two potentially unsafe vulnerabilities.
The image popup script in lazyest-popup.php could allow cross site scripting. This vulnerability is found by High-Tech Bridge SA and they qualified it as a medium risk vulnerability.
The image processor for on-the-fly image creation could allow people to find the absolute path in which the plugin is installed. This vulnerability has been found by High-Tech Brdge SA and they qualified it as a low risk vulnerability.
Please download version 1.0.30 to fix these vulnerabilities. Download