29 Oct
2008
29 Oct
'08
5:49 p.m.
Fabian Fingerle a écrit :
Hi,
Exploit :
register_globals=on,off loged in ....
query : http://localhost/pmd_pdf.php?db=>"><script>alert(1)</script>
Could you fix this quickly?
Yours Fabian
Hi, The reference for this is http://www.securityfocus.com/bid/31928/info and someone told me about this yesterday (the team was not pre-informed about this problem). Before releasing a "quick fix" I want to ensure there are no similar cases lurking around. Marc Delisle