Phorum 5.0.13 Released
Janek Vind aka "Waraxe" notified us of an SQL injection issue exploitable via follow.php. That prompts this release that has some other changes as well.
Release: phorum.5.0.13
-----------------------
* Added a lot of code to check for invalid input - brian
(11/10/2004)
* Requests for passwords for users that have not verified will not be
sent a new verification email - brian (11/09/2004)
* some more precautions for html-entities - ts77 (11/08/2004)
* logout works with empty REFERER now too - ts77 (11/08/2004)
* fixed wrong message counts in threaded list - ts77 (11/03/2004)
* fixed backurl in controlcenter while being in a forum-folder - ts77
(11/02/2004)
* removed requirement to specify a description for forum/folder in
the admin - ts77 (11/02/2004)
* fixed user_template and user_language to allow the "default"-value
- ts77 (11/01/2004)
* fixed bug #531, msgs with attachments didn't get the right status
in moderated forums - ts77 (10/29/2004)
* Escape the HTML in name and description when editing - brian
(10/28/2004)