4images Forum & Community
Welcome, Guest. Please login or register.
Did you miss your activation email?
December 18, 2018, 01:37:42 PM

Login with username, password and session length
Search:     Advanced search
Check the new Tutorial subforum with helpfull guides and tutorials for modifications and tweaks.
Togle to toolbar
Translate this page with =>
Translate this page >
* Home Help Search Login Register
 
+  4images Forum & Community
|-+  4images Help / Hilfe
| |-+  Bug Fixes & Patches
| | |-+  [1.7 - 1.7.9] Security fix for input validation error
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Print
Author Topic: [1.7 - 1.7.9] Security fix for input validation error  (Read 10491 times)
kai
Administrator
Addicted member
*****
Offline Offline

Posts: 1405

Thank You
-Given: 66
-Receive: 203


View Profile WWW
« on: April 19, 2011, 10:09:58 AM »

A input validation error vulnerability in 4images 1.7 - 1.7.9 has been found.

To fix this:

in download.php

find

1
$file = array();

and replace with

1
2
3
$file = array();
$file_path null;
$file_name null;

and find

1
while ($image_row $site_db->fetch_array($result)) {

and replace with

1
2
3
while ($image_row $site_db->fetch_array($result)) {
$file_path null;
$file_name null;
Logged


Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search
Warrior
Jr. Member
**
Offline Offline

Posts: 75

Thank You
-Given: 13
-Receive: 8


View Profile WWW
« Reply #1 on: April 19, 2011, 06:13:50 PM »

Thanks for the heads up!
Logged

Pages: [1] Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.049 seconds with 19 queries.
Post your comments here