Blog Extension by Aheadworks: Critical Security Issue


We've released a new version of Blog extension that closes a recently discovered security issue. We strongly encourage all users of our extension to download the latest version for free.

Type: SQL Injection
Known Successful Attacks: None
Description: Two potential vulnerability issues which allowed SQL injection were discovered and subsequently fixed in the latest edition of the extension.
Products Affected: Blog CE prior to 1.3.18
Blog EE prior to 1.3.18
Fixed in: CE 1.3.18
EE 1.3.18
Update for free: Download CE version from this page
Update EE version from customer area*

*Note that all Blog EE owners, are eligible for free technical support on the extension until September 17th. Please contact us if you experience any problems with access or download of the update!