Re: twlc advisory: all versions of php nuke are vulnerable...

[Bernd Schnitzer <bernd.schnitzer () gmx net>]

> Alternative "quickfix"; change
>   "if($upload) {" to
>   "if (($upload) && ($admintest)) {"

To fix the $file/$file_name bug in admin.php, change the line
"if ((isset($file)) AND ($file != "none")) {"
to
"if ((isset($file)) AND ($file != "none") AND ($admintest)) {"

/B.S.