As I said before, this is a critical vulnerability...
F.e. - this is a cookie with admin session cached with script :)
serendipity[author_information]=YToyOntzOjg6InVzZXJuYW1lIjtzOjc6ImpvaG5kb2UiO3M6ODoicG
Fzc3dvcmQiO3M6Nzoiam9obmRvZSI7fQ%3D%3D;%
20phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A ...
Search found 2 matches
- Thu Apr 14, 2005 4:57 pm
- Forum: Bugs
- Topic: bbcodes security bugs
- Replies: 7
- Views: 5621
- Thu Apr 14, 2005 4:46 pm
- Forum: Bugs
- Topic: bbcodes security bugs
- Replies: 7
- Views: 5621
bbcodes security bugs
I think you need to patch your bbcode-plugin (if you use it).
Path is here:
http://adz.void.ru/index.php?file&id=11
Vendor was informed, but no action was maded to fix it, so I did it myself.
Path is here:
http://adz.void.ru/index.php?file&id=11
Vendor was informed, but no action was maded to fix it, so I did it myself.