We've just recieved this from modernbill:
As of 11:30 EST today (8/10/05), we received noticed of a "arbitrary code execution" vulnerability from a trusted source. We have confirmed this vulnerability exists in all versions of ModernBill prior to 4.3.2 Build 2 and should be patched immediately.
*******************************************
If you are running the latest release, 4.3.2 Build 1, you may patch your install as follows:
File to patch: modernbill/include/html/config.php
Download file from:
http://forums.modernbill.com/showthread.php?t=21403*******************************************
If you are running any version other than the latest, we recommend patching the file above now and performing a full upgrade at your earliest convenience.
An updated version of ModernBill is already ready for download from our members area:
http://www.modernsupport.com/modernbill/*******************************************
Thank you for your prompt attention.
~ The ModernBill Team
~ ModernGigabyte, LLC
Please contact us if you have purchased modernbill through us for more information.
