4images Forum & Community
4images Help / Hilfe => Bug Fixes & Patches => Topic started by: kai on March 19, 2012, 02:40:19 PM
-
A cross site scripting vulnerability and possible sql injection in the 4images admin panel 1.7 - 1.7.10 has been found.
To fix this:
In admin/categories.php
find
$cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? $HTTP_GET_VARS['cat_parent_id'] : 0;
and replace it with
$cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? intval($HTTP_GET_VARS['cat_parent_id']) : 0;
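Added example (not 4images' own code and not from the post above) showing what the one-line fix changes: the same parameter handled the pre-fix and post-fix way, fed with constructed inputs, and placed where such a value typically ends up in the admin panel (a WHERE clause and a hidden form field). `$_GET` stands in for the `$HTTP_GET_VARS` array used by 4images 1.7.

```php
<?php
// Added illustration of the categories.php fix; not 4images code.
// 4images 1.7 reads $HTTP_GET_VARS; $get below plays that role.

function cat_parent_id_unpatched($get)
{
    // Pre-fix behaviour: the raw query-string value is used as-is.
    return isset($get['cat_parent_id']) ? $get['cat_parent_id'] : 0;
}

function cat_parent_id_patched($get)
{
    // Post-fix behaviour: intval() keeps only a leading integer, so
    // quotes, angle brackets and keywords cannot survive the cast.
    return isset($get['cat_parent_id']) ? intval($get['cat_parent_id']) : 0;
}

// Constructed sample inputs. The second is harmless text, but it carries
// the characters that matter once the value lands inside HTML or SQL.
$samples = array('7', '7 <b>x</b> "q"', 'abc', '');

foreach ($samples as $raw) {
    $get    = array('cat_parent_id' => $raw);
    $before = cat_parent_id_unpatched($get);
    $after  = cat_parent_id_patched($get);

    // Assumed sinks for illustration: a query fragment and a hidden field.
    printf("raw=%s\n", var_export($raw, true));
    printf("  before: WHERE cat_parent_id = %s\n", $before);
    printf("  after : WHERE cat_parent_id = %d\n", $after);
    printf("  after : <input type=\"hidden\" name=\"cat_parent_id\" value=\"%d\">\n", $after);
}
```

With the cast in place, non-numeric input collapses to 0 and "7 <b>x</b>" collapses to 7, so nothing but digits reaches either sink; that is why the one-liner closes both the XSS and the SQL-injection path for this parameter.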
-
I don't get it, how is this a vulnerability? If someone already got access to admin account information and logged in as admin, this will not stop them from doing whatever they want to, let alone use this security hole for anything... I mean, sure it's a bug, should be fixed, but call it a security bug... ;)