We have now updated all archives (for 2.0.6) as made available on the download page here. Therefore all new installations and upgrades will be immune.
To fix this flaw please open search.php in any text editor. Find the following code (in the vanilla release of 2.0.6 this can be found around line 685):
Code: Selecteer alles
if ( intval($search_id) )
{
$sql = "SELECT search_array
FROM " . SEARCH_TABLE . "
WHERE search_id = $search_id
AND session_id = '". $userdata['session_id'] . "'"; Code: Selecteer alles
$search_id = intval($search_id);
if ( $search_id )
{
$sql = "SELECT search_array
FROM " . SEARCH_TABLE . "
WHERE search_id = $search_id
AND session_id = '". $userdata['session_id'] . "'";Sorry voor het niet vertalen van de tekst.
