4images Forum & Community
Author Topic: [1.7 - 1.7.10] Security fix for XSS and sql injection in admin/categories.php  (Read 8957 times)
kai (Administrator)
Posted on March 19, 2012, 02:40:19 PM

A cross-site scripting vulnerability and a possible SQL injection in the 4images admin panel (1.7 - 1.7.10) have been found.

To fix this:

In admin/categories.php

find

    $cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? $HTTP_GET_VARS['cat_parent_id'] : 0;

and replace it with

    $cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? intval($HTTP_GET_VARS['cat_parent_id']) : 0;
Last edited March 19, 2012, 02:50:36 PM by kai
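The one-line patch above works because intval() turns whatever arrives in the cat_parent_id query parameter into an integer before it can reach a query string or an HTML attribute. The following is an added example, not code from 4images or from the post; the SELECT statement and the hidden form field are assumed shapes used only to show the raw value beside the cast value, and the attacker input is constructed. It uses $_GET because $HTTP_GET_VARS was removed in PHP 5.4; on the 4images versions the post targets the patch keeps $HTTP_GET_VARS as shown.

```php
<?php
// Added example (not 4images code): why casting cat_parent_id with intval()
// closes both the SQL injection and the XSS in one step.

// Constructed attacker input: breaks out of a numeric SQL context and
// carries markup in case the value is echoed back into the page.
$attacker_input = "0 OR 1=1 -- <script>alert(1)</script>";

// Assumed query shape, not the real one in admin/categories.php.
function build_query_unsafe(string $cat_parent_id): string {
    // Raw request value interpolated into SQL: the attacker controls syntax.
    return "SELECT cat_id, cat_name FROM categories WHERE cat_parent_id = $cat_parent_id";
}

function build_query_safe(string $cat_parent_id): string {
    // intval() keeps only a leading integer, so nothing but digits (and a
    // sign) can reach the query.
    $id = intval($cat_parent_id);
    return "SELECT cat_id, cat_name FROM categories WHERE cat_parent_id = $id";
}

// Assumed form field shape: the admin page echoing the parameter back.
function render_hidden_field_unsafe(string $cat_parent_id): string {
    // Raw value inside an attribute: the quote in the payload ends the
    // attribute and the rest becomes markup.
    return "<input type=\"hidden\" name=\"cat_parent_id\" value=\"$cat_parent_id\">";
}

function render_hidden_field_safe(string $cat_parent_id): string {
    // An integer can never contain a quote or an angle bracket.
    $id = intval($cat_parent_id);
    return "<input type=\"hidden\" name=\"cat_parent_id\" value=\"$id\">";
}

// intval() is a cast, not a validator: if the application needs a
// non-negative id, check the range as well. Assumed helper, not 4images code.
function parse_cat_parent_id(array $get): int {
    $id = isset($get['cat_parent_id']) ? intval($get['cat_parent_id']) : 0;
    return $id < 0 ? 0 : $id;
}

// Simulate the request with the constructed payload.
$_GET['cat_parent_id'] = $attacker_input;

echo "unsafe SQL : ", build_query_unsafe($_GET['cat_parent_id']), "\n";
echo "safe SQL   : ", build_query_safe($_GET['cat_parent_id']), "\n";
echo "unsafe HTML: ", render_hidden_field_unsafe($_GET['cat_parent_id']), "\n";
echo "safe HTML  : ", render_hidden_field_safe($_GET['cat_parent_id']), "\n";
echo "parsed id  : ", parse_cat_parent_id($_GET), "\n";
```

Run it with php on the command line and compare the two SQL lines: in the unsafe one the injected OR 1=1 and comment marker survive, in the safe one only the leading 0 remains. The same cast also removes the script tag from the hidden field. Note that intval() accepts leading digits and discards the rest rather than rejecting the input, so it neutralises the payload but does not tell you that one was sent; if you want to log such attempts, compare the cast value with the original string.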
V@no (Administrator)
Reply #1 on March 20, 2012, 03:44:24 AM

I don't get it, how is this a vulnerability? If someone has already got access to admin account information and is logged in as admin, this will not stop them from doing whatever they want, let alone using this security hole for anything... I mean, sure it's a bug and should be fixed, but calling it a security bug... ;)