Flexible Content Management System


Unauthorized access to modules using BSCI Permissions

Contributed by on Jan 31, 2004 - 04:33 AM

There is a bug in the index.php file included with the BSCIpermissions module. A protected module can be accessed by using the old module calling method. For example:


The bug exists for both the Xanthia and pnHTML versions of the module. Anyone using version 1.0.4 or earlier should upgrade immediately to prevent unauthorized access to their modules.

An updated version can be found here.

Sorry for the inconvenience.

Chris Miller