Re: New Protector is testing now
Target |
News |
Subject |
New Protector is testing now |
Summary |
XoopsProtector 2.2 will be released soon.I'm now testing the module in this site.The features of the next version...- welcomed major search engines.- protect against bad-mannered crawlers- PHP5 friendly (perhaps...)- rescue modeand so on... |
List posts in the topic
Re: New Protector is testing now
msg# 1.1.1.1.1.1.1
hi Yuji.
If a wrapping module which accepts filename via GET exists, there is a possiblity that a vulnerablity exits like this:
http://(your site)/modules/badmodule/?page=../../mainfile.php
This can display the content of manfile.php
(Of course, this is just a sample.)
So, protector inhibits '../' patterns which looks like file specifications.
Votes:0
Average:0.00
Posts tree