Login
Register
All class groups
Latest entries
Top 10 charts
Blog
Forums
Shop
Help
Login
Register
unsecure parameters from browser
Search
All class groups
Latest entries
Top 10 charts
Blog
Forums
Shop
Help
Recommend
this page to a friend!
Downloader
>
All threads
>
unsecure parameters from browser
>
(Un) Subscribe thread alerts
Subject:
unsecure parameters from browser
Summary:
you have a security hole where users can give relative pathnames
Messages:
1
Author:
Bastian Gorke
Date:
2006-03-25 14:46:50
1. unsecure parameters from browser
Reply
Report abuse
Bastian Gorke - 2006-03-25 14:46:50
check the $_GET / $_POST vars for relative pathnames. there is currently no check, so everyone with access to the script can use it to download all known files from the server.
About us
Advertise on this site
Site map
Newsletter
Statistics
Site tips
Privacy policy
Contact
Copyright (c)
Icontem
1999-2025
For more information send a message to
info at phpclasses dot org
.
image/svg+xml
image/svg+xml
Contact us using Messenger
Bastian Gorke - 2006-03-25 14:46:50
