search

gWorldz / get-simple-cms

Automatically exported from code.google.com/p/get-simple-cms
GNU General Public License v3.0
0 stars 0 forks source link

executing php functions from url #354

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
With getSimple 3.1.2, any authenticated user can use admin/load-ajax.php to 
execute any php function that doesn't need arguments. 

http://www.site.com/admin/load-ajax.php?func=phpinfo
http://www.site.com/admin/load-ajax.php?func=delete_cache

These functions could be from core of PHP or from these files:

inc/common.php
inc/security_functions.php
inc/basic.php
inc/template_functions.php
inc/logging.class.php

Regards

P.D: I've tested it on windows machine with Apache.

Original issue reported on code.google.com by aquinadie on 20 Sep 2012 at 3:52

GoogleCodeExporter commented 9 years ago 
Thanks

This doesn't seem to have any functionality.
I vote for its removal.

User must be authenticated to exploit it seems.

Original comment by tablatronics on 24 Sep 2012 at 4:13

GoogleCodeExporter commented 9 years ago 
fixed via r757

Original comment by tablatronics on 28 Sep 2012 at 6:54

GoogleCodeExporter commented 9 years ago 
Need QA

Original comment by tablatronics on 21 Oct 2012 at 4:01