
Security hole in editconfig_gedcom.php

furtive
2013-04-30
2013-05-30
  • furtive

    furtive - 2013-04-30

    There seems to be a security hole in function move_uploaded_file in editconfig_gedcom.php. Someone (who does not have an account) has been trying to exploit it on my site by uploading dodgy files and moving them using this script. Log files from my server below.

    Is this something I can fix or is this a security bug in the code?

    [root@190887 ~]# grep /tmp/php /var/www/vhosts/*/statistics/logs/error_log
    /var/www/vhosts/mydomain.co.uk/statistics/logs/error_log:[Sat Sep 22 08:50:55 2012] [error] PHP Warning:  move_uploaded_file() [<a href='function.move-uploaded-file'>function.move-uploaded-file</a>]: Unable to move '/tmp/phpZjJDNl' to './index/GED.ged' in /var/www/vhosts/mydomain.co.uk/httpdocs/familyhistory/editconfig_gedcom.php on line 126, referer: http://www.mydomain.co.uk/familyhistory/editconfig_gedcom.php?source=replace_form&path=./index/GED.GED&oldged=
    
     
  • Stephen Arnold

    Stephen Arnold - 2013-04-30

    Switch to webtrees.

     
  • Gerry Kroll

    Gerry Kroll - 2013-05-01

    You need to be logged in with Admin rights before editconfig_gedcom.php will run.

    The line number reported in your log file extract does not match the location of the function call in the current version of editconfig_gedcom.php. You're clearly not running with the "SVN" version of PhpGedView.

     
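An added example, not code from the thread or from PhpGedView: a small Python parser for the Apache error_log entries quoted in the opening post, which pulls out the temporary upload, the destination PHP tried to write, the calling script and the `path` parameter carried in the referer, so an administrator can count repeated failed move_uploaded_file() calls per script and destination. The sample log text is constructed from the line in the first post plus one unrelated notice; the function and field names are this example's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the first entry is the error_log line quoted in the
# opening post (hostnames as given there); the second is unrelated noise.
SAMPLE_LOG = """\
[Sat Sep 22 08:50:55 2012] [error] PHP Warning:  move_uploaded_file() [<a href='function.move-uploaded-file'>function.move-uploaded-file</a>]: Unable to move '/tmp/phpZjJDNl' to './index/GED.ged' in /var/www/vhosts/mydomain.co.uk/httpdocs/familyhistory/editconfig_gedcom.php on line 126, referer: http://www.mydomain.co.uk/familyhistory/editconfig_gedcom.php?source=replace_form&path=./index/GED.GED&oldged=
[Sat Sep 22 08:51:02 2012] [error] PHP Notice:  Undefined index: foo in /var/www/vhosts/mydomain.co.uk/httpdocs/familyhistory/index.php on line 10
"""

# Apache error_log entry written when PHP's move_uploaded_file() fails.
# The "<a href=...>" fragment comes from PHP's html_errors setting; it is skipped.
UPLOAD_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] PHP Warning:\s+move_uploaded_file\(\).*?"
    r"Unable to move '(?P<src>[^']+)' to '(?P<dst>[^']+)' "
    r"in (?P<script>\S+) on line (?P<line>\d+)"
    r"(?:, referer: (?P<referer>\S+))?"
)


def parse_upload_failures(text):
    """Return one dict per failed move_uploaded_file() call found in the log."""
    events = []
    for line in text.splitlines():
        m = UPLOAD_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["line"] = int(ev["line"])
        # Recover the caller-supplied destination from the referer query string
        # so it can be compared with the path PHP actually tried to write to.
        ev["path_param"] = None
        if ev["referer"]:
            qs = parse_qs(urlsplit(ev["referer"]).query)
            ev["path_param"] = qs.get("path", [None])[0]
        events.append(ev)
    return events


def summarize(events):
    """Count failures per (script basename, destination) to spot repeated probing."""
    counts = {}
    for ev in events:
        key = (ev["script"].rsplit("/", 1)[-1], ev["dst"])
        counts[key] = counts.get(key, 0) + 1
    return counts
```

Feeding the real error_log through `parse_upload_failures` and then `summarize` gives a quick per-script tally; a burst of failures against one destination from one script is the pattern the opening post describes.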
