------=_Part_60136_33270553.1167138861038 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Application : BE IT EasyPartner Joomla! Component URL : http://forge.joomla.org/sf/frs/do/viewRelease/projects.be_it_easypartner/frs.be_it_easypartnercomponent_for_j.be_it_easypartner_0_0_9_beta Variable $mosConfig_absolute_path not sanitized: xpl works with register_globals=on in components/com_be_it_easypartner/be_it_easypartner.ajax.php on line 15 require( $mosConfig_absolute_path.'/includes/joomla.php' ); Variable $mosConfig_absolute_path not sanitized: xpl works with register_globals=on in components/libraries/MicroXml.class.php on line 55 include_once ($mosConfig_absolute_path.'/includes/domit/xml_domit_include.php'); in components/libraries/TemplateFactory.class.php on line 24 require_once ($mosConfig_absolute_path.'/includes/patTemplate/patTemplate.php'); Fix ~~~~ Add before code: defined('_VALID_MOS') or die('Direct access to this location is not allowed.'); vitux #vitux.manis@gmail.com ------=_Part_60136_33270553.1167138861038 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline
Application : BE IT EasyPartner Joomla! Component

URL : http://forge.joomla.org/sf/frs/do/viewRelease/projects.be_it_easypartner/frs.be_it_easypartnercomponent_for_j.be_it_easypartner_0_0_9_beta

Variable $mosConfig_absolute_path not sanitized: xpl works with register_globals=on

in components /com_be_it_easypartner/be_it_easypartner.ajax.php on line 15

require( $mosConfig_absolute_path.'/includes/joomla.php' );

Variable $mosConfig_absolute_path not sanitized: xpl works with register_globals=on
in components/libraries/MicroXml.class.php on line 55

include_once ($mosConfig_absolute_path.'/includes/domit/xml_domit_include.php');

in components/libraries/TemplateFactory.class.php on line 24

require_once ($mosConfig_absolute_path.'/includes/patTemplate/patTemplate.php');


Fix
~~~~

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');

vitux

#vitux.manis@gmail.com
------=_Part_60136_33270553.1167138861038--