Manual Update Instructions Hinweis

0
There is a very seriously remote file inclusion vulnerability in

Blank Bootstrap Edition version 3.2.0 to 3.5.0.

++ Please Update You Template Immediately ++

Use the following instructions:



logic.php

replace

$doc->addStyleSheet($tpath.'/css/template.css.php?baseurl='.$this->baseurl);
with
$doc->addStyleSheet($tpath.'/css/template.css.php');



css/template.css.php

delete

$baseurl = $_GET['baseurl'];

replace

$baseurl.'/
with
$_SERVER['REQUEST_URI']

2 x @ line 44 and line 47; line 47 should look like

$compiled = file_get_contents( $_SERVER['REQUEST_URI'].'cache/'.$css_file_name );



css/font-awesoma/variables.less

replace

@fa-font-path: "../templates/frontend/fonts";
with
@fa-font-path: "../../../fonts";
Responses (0)
  • There are no replies here yet.
Your Reply