Update section

Make sure you keep your themes and plugins updated for the safest, smoothest site experience

SECURITY FIX for all templates

Product:
all
Date:
03/04/2016
Version:
Security Fix
Download

Changelog

  1. Security fix - fixed potential SQL Injection

Update details

Thanks to report from one of our users, we have fixed a potential SQL Injection issue in our NSP GK5 module and all templates. All template packages have been updated (we have also hot fixed the NSP GK5 instances in the quickstart packages).

In order to fully secure your installations please do the following steps:

* Install the newest version of the NSP GK5 module.

* Install the template updated package (if you are using not modified template)

Important! In fact the security fix is easy to apply, so if you have a modified version of the template, please just apply the following changes:

Please look in the file lib/gk.framework.php or in the lib/framework/helper.social.php file for the following lines:

$id = JRequest::getVar('id', '');

and

$catid = JRequest::getVar('catid', '');

and please replace them to the following ones:

$id = (int) JRequest::getVar('id', '');

and:

$catid = (int) JRequest::getVar('catid', '');
Remember me
Register New Account
If you are old Gavick user, click HERE for steps to retrieve your account.