Update of /cvsroot/linpha/linpha
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8921
Modified Files:
ChangeLog
Log Message:
2008-04-13 flo
* fixed LinPHA "maps_type" Local File Inclusion Vulnerability
reported here: http://secunia.com/advisories/29724/
Index: ChangeLog
===================================================================
RCS file: /cvsroot/linpha/linpha/ChangeLog,v
retrieving revision 1.1276
retrieving revision 1.1277
diff -C2 -d -r1.1276 -r1.1277
*** ChangeLog 7 Feb 2008 15:06:58 -0000 1.1276
--- ChangeLog 13 Apr 2008 20:59:33 -0000 1.1277
***************
*** 1,2 ****
--- 1,6 ----
+ 2008-04-13 flo
+ * fixed LinPHA "maps_type" Local File Inclusion Vulnerability
+ reported here: http://secunia.com/advisories/29724/
+
###############################################
### ###
***************
*** 452,458 ****
use htmlspecialchars() before write logger events to database or to text file
for example:
! User <?php echo system($_GET['cwd']); ?>: login failed!
will be replaced by:
! User <?php echo system($_GET['cwd']); ?>: login failed!
2006-02-16 flo
--- 456,462 ----
use htmlspecialchars() before write logger events to database or to text file
for example:
! User <?php echo something evil ?>: login failed!
will be replaced by:
! User <?php echo 'cwd' ?>: login failed!
2006-02-16 flo
|
