i just found that cwfm when viewing file does not check
path:
how to reproduce:
log in
select any file
choose menu file / display.
new window pops up with chosen file displayed.
look at the displaying page properties and copy URL to
clipboard.
then, close file display, and paste the URL into main
cwfm window, change URL to:
(example):
http://my.server.com/cwfm/View.php?view=E5etcE5passwdE5&file=passwd
(E5 is /, E4 is . ).
and voila, you see chosen file, and it is certainly not in
desired path set by administrator.
summarizing, logged in user can see any file on the
server that apache's user has read permission to, and
edit any file on the server that apache's user has write
permission to.
if i find some time i'll try to get it fixed or at least gather
some detailed information.
Logged In: NO
I tried the above, and received a Security Violation error...
Logged In: NO
just have to chdir() to the target directory,
then check if pwd() is beginning with the areaN path (ending with /)
you don't need so much time for it
:)
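
The containment check suggested in the last comment, as an added example that is not part of the thread and is not cwfm's own code. It uses realpath() in place of chdir() plus the working directory, and the function name, parameters and demo paths are assumptions made for illustration; the directory is assumed to arrive already decoded.

```php
<?php
// Added example, not cwfm code. resolve_in_area() and its parameters are hypothetical names.
// Returns the canonical path of $file inside $dir only if it lies under $areaRoot, else null.
function resolve_in_area(string $areaRoot, string $dir, string $file): ?string
{
    // Null bytes never belong in a path; reject before touching the filesystem.
    if (strpos($dir . $file, "\0") !== false) {
        return null;
    }
    // Canonicalise the administrator's area root (resolves symlinks, "." and "..").
    $root = realpath($areaRoot);
    if ($root === false || !is_dir($root)) {
        return null;
    }
    // Trailing separator, so that /srv/area1 does not also match /srv/area10.
    $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

    // The file name must be a single path component.
    if ($file === '' || $file !== basename($file)) {
        return null;
    }
    // Canonicalise the requested target, then compare prefixes on the resolved form only.
    $target = realpath($dir . DIRECTORY_SEPARATOR . $file);
    if ($target === false || !is_file($target)) {
        return null;
    }
    if (strncmp($target, $root, strlen($root)) !== 0) {
        return null; // resolved outside the permitted area
    }
    return $target;
}

// Constructed demo layout in the temp directory: an allowed area and a sibling with a similar name.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'cwfm_demo_' . uniqid();
mkdir("$base/area1", 0700, true);
mkdir("$base/area10", 0700, true);
file_put_contents("$base/area1/notes.txt", "inside\n");
file_put_contents("$base/area10/secret.txt", "outside\n");

var_dump(resolve_in_area("$base/area1", "$base/area1", 'notes.txt'));            // inside the area
var_dump(resolve_in_area("$base/area1", "$base/area1/../area10", 'secret.txt')); // traversal to sibling
var_dump(resolve_in_area("$base/area1", "$base/area10", 'secret.txt'));          // prefix look-alike
var_dump(resolve_in_area("$base/area1", '/etc', 'passwd'));                      // absolute path from the report
```

The same check has to run on every code path that opens a file, edit and save included, since the report covers both reading and writing.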