[Gnuheter-dev] [Bug #2895] header.php XSS
From: nobody
Subject: [Gnuheter-dev] [Bug #2895] header.php XSS
Date: Sat, 22 Mar 2003 05:31:14 -0500
=================== BUG #2895: FULL BUG SNAPSHOT ===================
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2895&group_id=2176
Submitted by: metaur Project: Gnuheter
Submitted on: Sat 03/22/03 at 10:31
Category: Bug Severity: 5 - Major
Bug Group: None Resolution: None
Assigned to: None Status: Open
Summary: header.php XSS
Original Submission: header.php has a Cross-Site Scripting problem, which
shows up, for example, in the following URL:
http://gnuheter.org/stats.php?config=1&meta_keywords=%22%3e%3cscript%3ealert%2857%29%3c%2fscript%3e%3cqwe+%22
Scripts other than stats.php are also affected by this.
The problem is caused by a line in header.php:
if (!isset($config)) include('config.php');
which should instead be written:
include_once('config.php');
The same problem exists in several other places in the code. Some ambitious person
could replace a lot of if (!isset($x)) include() with include_once().
No Followups Have Been Posted
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2895&group_id=2176
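
Added example, not part of the original report and not Gnuheter's code: a minimal PHP model of why the isset() guard can be bypassed from the query string and how an unconditional config load closes it. It assumes request parameters are registered as global variables (register_globals behaviour) and that the header prints $meta_keywords into a meta tag; load_config(), both render functions and the keyword default are hypothetical stand-ins.

```php
<?php
// Added illustration; names and values below are constructed, not project code.

// Hypothetical stand-in for config.php: sets the trusted defaults.
function load_config(array &$vars): void {
    $vars['config'] = true;
    $vars['meta_keywords'] = 'news, free software';
}

// Assumption: request parameters become global variables (register_globals),
// modelled here by seeding $vars from the parsed query string.
function render_header_vulnerable(array $query): string {
    $vars = $query;                    // request-controlled "globals"
    if (!isset($vars['config'])) {     // same guard as the line quoted in the report
        load_config($vars);            // skipped whenever the request sets config
    }
    // Value is written into the attribute without escaping.
    return '<meta name="keywords" content="' . ($vars['meta_keywords'] ?? '') . '">';
}

// Hardened: always load the config (the include_once change proposed in the
// report) so request-supplied values are overwritten, and HTML-escape on
// output as a second layer of defence.
function render_header_fixed(array $query): string {
    $vars = $query;
    load_config($vars);
    return '<meta name="keywords" content="'
        . htmlspecialchars($vars['meta_keywords'], ENT_QUOTES, 'UTF-8') . '">';
}

// Query string taken from the URL in the report.
parse_str(
    'config=1&meta_keywords=%22%3e%3cscript%3ealert%2857%29%3c%2fscript%3e%3cqwe+%22',
    $query
);

$before = render_header_vulnerable($query);
$after  = render_header_fixed($query);

echo $before, "\n", $after, "\n";
// Check whether the request-supplied markup reached each rendered header.
var_dump(strpos($before, '<script>') !== false);
var_dump(strpos($after, '<script>') !== false);
```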