A vulnerability was found in WebsiteBaker version 2.8.3 SP5.
The problem existed in earlier versions too, so action is required.
Not all webmasters and web designers are happy to upgrade their installations to the SP6 (RC3) version, so we are providing some patch files that will help you fix the vulnerability without performing a full upgrade.
Download the patch file for your WB version and unzip it to your local hard drive.
Upload the files to your WB installation using FTP, keeping their directory structure.
The patched files are:
/admin/preferences/save.php
/account/details.php
/account/email.php
Patch for WB 2.8.3 SP3 - download
Patch for WB 2.8.3 SP4 - download
Patch for WB 2.8.3 SP5 - download
The patches above were incomplete! At this time the best advice is to upgrade to SP6 or SP7!
Please consult the WB forum for more information about the vulnerability.
WebsiteBaker does not have any intrusion detection on the admin pages, so any brute-force attack can go on for a long time without you knowing about it.
There is a solution.
Upgrading WB to the latest version is always a good idea... but...
Unfortunately, some default settings are enabled that could break your website after upgrading from an older revision.