This patch fixes several issues in the v2.3.7 release and v2.3.7 patch #1 and patch#2. It also provides several tweaks and even some new features. The main fix is for a security vulnerability using malformed arrays. It also provides some regression fixes to the text module inline-edit view(s). It must be noted that this patch will (again) break any custom text module view templates using in-place editing. This patch adds a couple new features to Twitter Bootstrap 3 based themes in the form of a new date/time picker widget, and a new photoalbum slideshow/carousel widget. There are a few other tweaks and fixes found in this patch. Unlike previous patches, this patch file also includes all the 'installation' files in the event you secured your site by deleting or renaming the /install folder. Patch #3 to v2.3.7 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.3.7-patch-3.zip/download ...Read More
We've been notified of a security vulnerability which could compromise your Exponent CMS installation. This vulnerability applies to all versions of Exponent 2.x up to v2.3.7 patch #2. The immediate fix is to rename the /install folder to something else, or remove/delete it. Though we've been working hard to close Cross-Site Scripting (XSS) vulnerabilities, this one could be more permanent and seems to result from an anomaly within PHP which allows a string variable to be internally interpreted and processed as an array thereby masking the payload. ...Read More
You can expect a v2.3.7 patch #2 to be released later this week (1st full week of 2016) to fix a v2.3.7 regression bug which prevents editing or copying calendar events. There is no work-around for this bug, however it doesn't affect creating new events. The patch will also fix some styling issues with bootstrap 3 based themes, clean up the optional ajax paging urls, and remove some warnings which prevent some ajax calls and xmlrpc from working when error reporting is turned on. ...Read More
This patch fixes a few issues in the v2.3.7release. The main fix is for a regression problem in v2.3.7 which prevented using the 'Quick Upload' feature because uploaded files would be truncated to zero bytes.. Patch #1 to v2.3.7 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.3.7-patch-1.zip/download ...Read More
After a failed attempt to get something under the tree for Christmas, we now release v2.3.7 specifically to address the fatal flaws within the pulled v2.3.6 release. These include: ...Read More
We've pulled the v2.3.6 release package and recommend you NOT install it! Due to the holidays, v2.3.7 will not be released until after January 1st. The new security fix unexpectedly removes all styling from edited WYSIWYG text when saved...which is basically how the WYSIWYG editor does most of its magic. Additionally, activating the new enhanced password hashing (also in v2.3.5) will corrupt passwords and prevent logging on after the password is updated (a database structure issue) We already have fixes for these issues and will release a version 2.3.7 with the fixes and possibly another ajax paging fix. We are sorry for this inconvenience. ...Read More
- Feb 02, 2016 @ 10:34 PM by dleffler Now allowing Google, Facebook, & Twitter Logins • Announcements |
- Jan 29, 2016 @ 02:53 PM by dleffler RE: Forums back up and running | Announcements
- Jan 28, 2016 @ 03:23 PM by dleffler v2.3.7patch3 released with many fixes and tweaks | Announcements
- Jan 28, 2016 @ 03:19 PM by dleffler v2.3.7 now available | Announcements
- Jan 28, 2016 @ 09:54 AM by dleffler Forums back up and running | Announcements
- Sep 15, 2015 @ 08:55 AM by expadminuser v2.3.5 now available | Announcements
Who Did This?
Exponent CMS is written and maintained by Online Innovative Creations (OIC Group, Inc.), a Peoria web design and development company. OIC Group, Inc. specializes in a wide range of web-based solutions for enterprise-level organizations and local businesses in Peoria. Learn more about this Peoria web design company. Spanning from custom website design and development to local SEO and social media marketing, OIC Group, Inc. is full-service web marketing firm that offers a wealth of solutions.
As the creator of Exponent CMS, OIC Group, Inc. offer fully-custom web design and development programs. To view examples of the company's work, visit the local website design portfolio to see both local and enterprise-level websites that OIC has created. In addition to search engine friendly websites, other specialties of OIC Group, Inc. include website optimization, conversion rate optimization, social media marketing, Pay Per Click (PPC) advertising, local SEO and ecommerce SEO services.
If you're looking for ways to improve the potential of your Exponent CMS website, connect with Exponent CMS on Google+. To stay abreast various ways to better optimize your Exponent CMS website, follow OIC Group web design on Facebook.