We have just released LogAnalyzer 3.4.3. This stable release has the following changes:
Download file name: LogAnalyzer 3.4.3 (v3-stable)
Version 3.4.3 (stable), 2012-05-23
- Fixed several security vulnerabilities discovered by Filippo Cavallarin.
This contains the following fixes:
- Fixed SQL Injection vulnerability in admin/view.php
- Fixed Cross Site scripting issue filter parameter on index.php
- Fixed Cross site scripting issue of id parameter on admin/reports.php
- Fixed Cross site scripting issue of id parameter on admin/searches.php
- Fixed arbitrary file read issue in Disk LogStream class. The config.php file does now contain an array "DiskAllowed" which contains allowed directories. Only files located within these allowed directories can be accessed in LogAnalyzer. By default, only /var/log is allowed.
File size: 1003528 Bytes