Date: July 7th 2007

Hello!

A user recently reported an exploit to our forum. You can read the details here:

http://supercali.inforest.com/forum/viewtopic.php?id=40

This affects all versions of SuperCali. The quick fix is to edit includes/start.php and change line 108 (or thereabouts) from:

if ($_REQUEST["o"]) {

to

if (is_int($_REQUEST["o"])) {

A new version, 0.4.1, has been released. Patch files which fix this as well as other minor bugs since the 0.4.0 release and can be downloaded here:

http://supercali.inforest.com/downloads.php

Thanks,

Dana C. Hutchins
Inforest Communications