Bugtraq mailing list archives
Re: twlc advisory: all versions of php nuke are vulnerable...
From: Bernd Schnitzer <bernd.schnitzer () gmx net>
Date: Sun, 07 Oct 2001 02:05:20 +0200
Alternative "quickfix"; change "if($upload) {" to "if (($upload) && ($admintest)) {"
To fix the $file/$file_name bug in admin.php, change the line "if ((isset($file)) AND ($file != "none")) {" to "if ((isset($file)) AND ($file != "none") AND ($admintest)) {" /B.S.
Current thread:
- Re: twlc advisory: all versions of php nuke are vulnerable... Bernd Schnitzer (Oct 06)