Closed GoogleCodeExporter closed 9 years ago
it was already fixed in the SVN with a prior commit
Original comment by ccagle8
on 3 Jun 2011 at 12:08
Don't know if this is a vulnerability or just a small bug, but the fact is that
/index.php processes the 'set' parameter (intended for /admin/plugins.php).
This has -I believe- nothing to do with that upload.php fix that Mike mentions.
Try to browse any GetSimple site adding ?set=whatever to the URL.
Original comment by carnav
on 4 Jun 2011 at 8:40
r492 has finally fixed this.
Original comment by carnav
on 12 Jun 2011 at 8:36
Original issue reported on code.google.com by
carnav
on 1 Jun 2011 at 3:03