Hello all together, As I uses the oxchkversion.php last days I came to the belief it could be a potential risk. If someone wants to attack an oxid-shop, the offender can see exactly, wich fixes are in the shop and analyze how to attack best. Would it not be better to integrate this function into the backend, or even secure it by requesting an admin-password.
Regards, Kai ------------------------------------------------------------------------ *Vektor*Design - Web-Programmierung Kai Gazmaga Neue Strasse 83 89 073 Ulm Tel.: 0731 / 37 81 953 Fax: 0731 / 37 81 952 Mail: [email protected] Web: http://www.vektordesign.de _______________________________________________ dev-general mailing list [email protected] http://dir.gmane.org/gmane.comp.php.oxid.general
