n e w s

A serious security issue has been discovered in our bundled XML-RPC library. This issue allows for possible remote code execution.

We have upgraded the XML-RPC component to the fixed version and released phpAdsNew and phpPgAds 2.0.5.

Every user is urged to upgrade. As a temporary hotfix you can delete your adxmlrpc.php file so that your adserver will not easily allow execution of maliclius XML-RPC method calls.

We are very sorry for this inconvenience and need to point out that many PHP applications using this common XML-RPC implementation are affected by this bug.

Also, the newly added features are:

• a workaround to avoid exceeding the 20 cookie limit, which can be enabled inside the invocation settings;
• full support to all MaxMind database types;
• support for transparent Flash banners.

The release contains also some other bug fixes: see the changelog for more details.