PyroCMS is an open source content management application. Initially released in 2009, PyroCMS has grown rapidly, accepting code from over 120 contributors, and today PyroCMS powers more than 43,000 websites.
Backup and restoration
7 June 2014 - 35MBThis vulnerability effects all CodeIgniter installations (PyroCMS is built on top of CodeIgniter). On some server setups, this vulnerability allows a user to crack the "encrypted" session cookie and inject their own data into the session key. This can happen on any application running on top of CodeIgniter which does not have the mcrypt extension installed.
A good piece of news is that PyroCMS uses the database as a store for its session data, so all that can really be done is that the sessionid can be injected into the session cookie. This _can lead to a session hijack if a malicious user can guess a valid session_id, but the chances of that are slim. Regardless, it could happen, so updating is required.
Read more: http://docs.pyrocms.com/2.2/manual/reference/changelog
28 April 2014 - 35MBRead more: http://docs.pyrocms.com/2.2/manual/reference/changelog
13 August 2013 - 35MBImprovements
- Removed a flag in the WYSIWYG field type that was incompatible with php 5.3 and older
Read more: http://docs.pyrocms.com/2.2/manual/reference/changelog#2_2_3-august-13-2013
12 August 2013 - 35MBImprovements
- Added new Lithuanian language translations
- Fixes a bug for parse_param plugin attribute being passed to tag generators (img)
- Altered options field in the settings table to allow for larger option strings
- Fixed CKEditor moono-dark theme width in Safari
- Fixed vertical alignment of on admin shortcut buttons
- After delete, show message in files manager on error, not just success
- Fixing issue with editing stream relationship fields
- Drastically improved speed on large paginated stream results.
- Validate input type in choices field
- Fixing name variable issue with admin user preview
- Fixing missing recaptcha config load.
- Don't add the js/css files for the image field type multiple times.
- Fixes streams field.choice form dropdown value - Issue #2729
- Adding parent class to the navigation plugin.
- Added 'filesize' to File Field Type
- Adding alternator to list of allowed functions
- Updated spanish translations, translated remain items
- Treat 0 or '0' as nonempty values in Lex
- Allow getstreamfields to prefix the field slugs.
- Update filters partial for Blog admin
- Fixing Overzealous Caching in the Pages module
- When saving keywords, delete existing applied keywords first
- Adding query caching for streams row model.
- Changing the way theme details classes are spawned
- Add indexes for quick DB queries
- Fixes html entities when validation fails. Fixes #2614, #2476, #2787
- Fixes #2741, First Name and Last Name are now undeletable.
- Fixes #2787. WYSIWYG would strip characters when decoding on some systems
- Add obendclean to a few places that need it in order for the admin to work correctly when gzip is enabled
- RSS feeds were being double parsed. This was forcing the
Our Web hostings are compatible with
100% SSD Web Hosting
100 GB and +
Advanced management of EV and DV SSL certificates
10 GB of VOD
2 CPU and +
6 Gb (RAM) and +
100% dedicated resources
Infomaniak manages your server
from 29 € / month
Prices in EUR