KB00002 Users can steal money from other accounts

From MyBanco

Cause

Sites running a MyBanco version earlier than 0.09 are affected by an issue that allows users to create money: the money transfer page accepts a negative amount, so a user who "transfers" a negative sum out of their own account has that sum added to their balance instead of deducted (and, where the transfer has a recipient, deducted from the recipient's balance).
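The bug class described above, shown on a small in-memory ledger. This is an added example, not MyBanco's own code or its hotfix: the account names, balances and the function names transfer_vulnerable and transfer_fixed are assumptions for illustration. The vulnerable function trusts the submitted amount, so a negative value passes the balance check and is subtracted from the sender, which raises their balance. The fixed function accepts only a canonical positive decimal string, converts it to whole cents without floating point, and only then compares it with the balance.

```php
<?php
// Added example, not MyBanco code. Account names, balances and function
// names are assumptions for illustration.
declare(strict_types=1);

// Constructed sample ledger: balances held in whole cents.
$accounts = ['alice' => 10000, 'bob' => 5000];

// Vulnerable transfer: uses the amount exactly as submitted by the form.
// Even if a balance check exists (an assumption here), a negative amount
// satisfies it, and subtracting a negative number ADDS to the sender.
function transfer_vulnerable(array &$accounts, string $from, string $to, $amount): bool
{
    $amount = (int) $amount;              // "-2000" becomes -2000 without complaint
    if ($accounts[$from] < $amount) {     // always false for a negative amount
        return false;
    }
    $accounts[$from] -= $amount;          // sender's balance goes up
    $accounts[$to]   += $amount;          // recipient's balance goes down
    return true;
}

// Hardened transfer: validate the amount as a canonical positive decimal
// string before any arithmetic, then check accounts and balance.
function transfer_fixed(array &$accounts, string $from, string $to, string $amount): bool
{
    // Canonical form only: "0" or a number without leading zeros, optionally
    // with exactly two decimal places. Rejects "-20", "+20", " 20", "1e3",
    // "0x14", "20abc" and "". \z (not $) so a trailing newline is refused too.
    // The 12-digit cap keeps the cent value far inside a 64-bit integer.
    if (!preg_match('/^(0|[1-9][0-9]{0,11})(\.[0-9]{2})?\z/', $amount)) {
        return false;
    }
    // Convert to cents with integer arithmetic only (no float rounding).
    [$whole, $frac] = array_pad(explode('.', $amount, 2), 2, '00');
    $cents = (int) $whole * 100 + (int) $frac;

    if ($cents <= 0) {                      // nothing to move; also blocks "0.00"
        return false;
    }
    if ($from === $to || !isset($accounts[$from], $accounts[$to])) {
        return false;                       // self-transfer or unknown account
    }
    if ($accounts[$from] < $cents) {        // meaningful now that $cents > 0
        return false;
    }
    $accounts[$from] -= $cents;
    $accounts[$to]   += $cents;
    return true;
}

// Reproduce the report against the vulnerable path: a negative transfer.
$ledger = $accounts;
$ok = transfer_vulnerable($ledger, 'alice', 'bob', '-2000');
printf("vulnerable: accepted=%s alice=%d bob=%d\n", $ok ? 'yes' : 'no', $ledger['alice'], $ledger['bob']);

// Same inputs against the hardened path: the negative amount is refused,
// a well-formed positive amount goes through.
$ledger = $accounts;
$rejected = transfer_fixed($ledger, 'alice', 'bob', '-20.00');
$accepted = transfer_fixed($ledger, 'alice', 'bob', '20.00');
printf("fixed: negative accepted=%s, positive accepted=%s, alice=%d bob=%d\n",
    $rejected ? 'yes' : 'no', $accepted ? 'yes' : 'no', $ledger['alice'], $ledger['bob']);
```

Two points a practitioner would check in a real deployment beyond what the snippet shows: the validation must run on the server, since a client-side check on the transfer page is trivially bypassed by editing the request; and the debit and credit must be applied inside one database transaction with the sender's row locked (or with a CHECK constraint that balances stay non-negative), so that two concurrent transfers cannot both pass the balance check.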



Fix

A hotfix has been written to work around this issue. Applying it is strongly recommended for any install running MyBanco 0.09 or lower; the patch applies to all versions.


Affected Versions

  • MyBanco < 0.09


History

  • 1st July 2009, 1:00pm: Notified of issue (thanks, Rafael).
  • 1st July 2009, 1:03pm: Issue identified.
  • 1st July 2009, 10:30pm: Hotfix created and verified.
  • 1st July 2009, 10:54pm: Knowledge Base article created.
  • 1st July 2009, 10:54pm: Issue marked as resolved; the fix will be included in the next release.
  • 1st July 2009, 11:02pm: Correct patch added to KB article.

Notification Email

Hey Tim,

Nice script. Hey, I was playing around with the script and I found a
little bug that is pretty important. If you look at http://bank.timg.ws
you will see that the balance now is 10 million dollars. The program
needs to implement a way to block negative transfers. I transferred
-20 dollars to check and voilà, the balance increased by 20. I'm not
a PHP master but I can take a look at it. But I cannot run it on my
server, just on WAMP.

Cheers,
Rafael