PEAK XOOPS - News in englishin japanese

Archive | RSS |
  
Poster : GIJOE on 2005-12-08 13:07:09 (11091 reads)

in englishin japanese
Do you know these files can be parsed as PHP file?

foo.php.en
foo.php.orig.test

This is a normal behavior of apache's mod_mime.c

If a script stores an uploaded file under DocumentRoot and its name will be generated from its original file name, it is danger enough.
(Though I don't know such modules for XOOPS...)

Even if he disallow *.php, attacker can upload *.php.hehehe and exec the file.

The latest version of Protector (2.54) scans multiple dot(.) inside $_FILE[]['name'].
If a doubtful file name is found, Protector will stop XOOPS immediately.

Read more... | 1340 bytes more |0 comments

Poster : GIJOE on 2005-12-02 01:00:00 (13469 reads)


1:    $result = mysql_query( "SELECT ''" , $conn ) ;
2:    $obj = mysql_fetch_object( $result ) ;


in englishin japanese
This cause no errors in PHP <= 5.0.4.
This cause a fatal error in PHP 5.0.5 in line 2.

This should be like this:

1:    $result = mysql_query( "SELECT '' AS tmp_name" , $conn ) ;
2:    $obj = mysql_fetch_object( $result ) ;

0 comments

« 1 ... 3 4 5 (6)
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!