Author Topic: [1.7 - 1.7.9] Security fix for path disclosure in paging.php  (Read 20602 times)

0 Members and 1 Guest are viewing this topic.

Offline kai

  • Administrator
  • Addicted member
  • *****
  • Posts: 1.423
    • View Profile
    • 4images - Image Gallery Management System
[1.7 - 1.7.9] Security fix for path disclosure in paging.php
« on: December 07, 2010, 10:45:56 AM »
A minor security vulnerability has  been found which leads to path disclosure.

To  fix this:

In includes/paging.php

find

$this->page $page;
$this->perpage $perpage;
$this->num_rows_all $num_rows_all;

if (!isset(
$this->page) || !intval($this->page)) {
  
$this->page 1;
}
if (!
$this->num_rows_all) {


and replace with

$this->page intval($page);
$this->perpage intval($perpage);
$this->num_rows_all intval($num_rows_all);

if (
$this->page <= 0) {
  
$this->page 1;
}
if (
$this->perpage <= 0) {
  
$this->perpage 1;
}
if (
$this->num_rows_all <= 0) {
« Last Edit: December 23, 2010, 07:59:27 PM by V@no »
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline x23piracy

  • Sr. Member
  • ****
  • Posts: 420
    • View Profile
    • FHG
Re: [1.7 - 1.7.9] Security fix for path disclosure in paging.php
« Reply #1 on: December 07, 2010, 05:03:43 PM »
Hi,

im using V@no's Universal Paging Class V1.1.1 and i cannot find that line in it.
Is that bug also existing in that paging.php?

Universal Paging Class 1.1.1: http://www.4homepages.de/forum/index.php?topic=6926.0


Greetz X23

Don't trust in md5 it's unsafe change your 4i galerys password hash algorythm! second pw db field, create new hashes over some time, deny old hash. Help members that cry, send informationen mail to the rest. Camouflage new pw hash in cookie. Done!

--(◔̯◔)--

Offline Tino23

  • Full Member
  • ***
  • Posts: 191
    • View Profile
    • LMJ - Motorsport
Re: [1.7 - 1.7.9] Security fix for path disclosure in paging.php
« Reply #2 on: December 17, 2010, 05:44:37 PM »
Schau mal in Zeile 60 dort steht die Zeile.

Offline x23piracy

  • Sr. Member
  • ****
  • Posts: 420
    • View Profile
    • FHG
Re: [1.7 - 1.7.9] Security fix for path disclosure in paging.php
« Reply #3 on: December 17, 2010, 05:49:46 PM »
Hi,

Schau mal in Zeile 60 dort steht die Zeile.

ja mitlerweile weil V@no auf 1.1.2 aktualisiert hat, im File davor 1.1.1 fehlte das.


Gruß Jens

Don't trust in md5 it's unsafe change your 4i galerys password hash algorythm! second pw db field, create new hashes over some time, deny old hash. Help members that cry, send informationen mail to the rest. Camouflage new pw hash in cookie. Done!

--(◔̯◔)--

Offline Sunny C.

  • Addicted member
  • ******
  • Posts: 1.808
  • I ♥ 4I
    • View Profile
Re: [1.7 - 1.7.9] Security fix for path disclosure in paging.php
« Reply #4 on: December 23, 2010, 05:43:33 PM »
The paging.php is find in includes/