Closed GoogleCodeExporter closed 8 years ago
Hi,
I understand the urgence for these bugs, however I am failing to reproduce them.
Could you possibly tell me the browser you are using, and the server software
you are running phurl on (also an example link if possible)
Thanks in advance
Original comment by he...@hencomail.com
on 26 Oct 2010 at 2:22
I am running this on a closed system, with most up to date php package.
Here are my php.ini settings
display_error set to On
register_globals set to On
magic_quotes_gpc set to Off
for this specific vulnerability I use firefox.
I visit the homepage, enter in the URL, http://<script>alert(1);</script>
It tells me your short URL is http://site.com/phurl/c
I visit the admin panel, login, and on that page, i get a javascript alert box
stating 1.
Original comment by itspa...@gmail.com
on 26 Oct 2010 at 2:41
Ok thanks, I've got that one. I still can't reproduce the other ones where you
append the script to the url however. Any more info on these?
Original comment by he...@hencomail.com
on 26 Oct 2010 at 3:04
I have tried reversing all those security settings to be more secure and I can
still append to the end of the index.php, just like I submitted in the last
version.
This example is from the old version, but it is the same code:
http://wp.nu/index.php/"><script>alert(1);</script>
It is a known with PHP this can happen, google "php_self xss"
Original comment by itspa...@gmail.com
on 26 Oct 2010 at 3:17
or check this out:
http://www.phpro.org/tutorials/PHP-Security.html#2
Original comment by itspa...@gmail.com
on 26 Oct 2010 at 3:24
Thanks, will fix for version 2.4.1 :)
Original comment by he...@hencomail.com
on 26 Oct 2010 at 5:45
Original comment by hcblahb...@gmail.com
on 26 Oct 2010 at 7:51
Original comment by hcblahb...@gmail.com
on 28 Oct 2010 at 12:12
Original issue reported on code.google.com by
itspa...@gmail.com
on 26 Oct 2010 at 1:47