DaDaBIK 9.2.1 Monterosso is out - Security Alert
Dear all,
the release of DaDaBIK 9.2.1 was not planned but we have discovery some security issues that I wanted to fix quickly; more precisely, we are talking about SQL injection vulnerabilities which could allow an attacker to execute arbitrary SQL code. You can find all the details, together with the other bugs fixed, in the change log.
You are STRONGLY encouraged to upgrade. After upgrade, as explained in the documentation, change the parameter $dadabik_session_name in config.php using a name you haven't used in the past.
Best,
Eugenio Tacchini
DaDaBIK founder