464 Invalid avatar extensions There is an SQL Injection vulnerability in avatar extension checking & validating. You are able to bypass it with a specially crafted filename. 2009-09-20 100 Always 1.4.8 Sun Sep 20 21:27:16 -0500 2009 Mon Sep 21 01:21:50 -0500 2009

Applied in changeset r4458