[Phpmyadmin-devel] file_echo.php
Michal Čihař
michal at cihar.com
Thu Aug 4 14:10:00 CEST 2011
Hi Tyron,

your changes include an unprotected file, file_echo.php (it does not require
the user to be logged in and has no token check), which allows downloading
arbitrary data. This could easily be used by an attacker to pretend that data
is coming from a safe location (where phpMyAdmin is running), while it
would actually come from the attacker.

I've removed the definition of PMA_MINUMUM_COMMON (which skips all the
checks) from this file. As you already seem to pass the token with the
request, no other change should be needed, but please take care with such
dangerous code in future.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
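To illustrate the two shapes the message contrasts, here is an added example that is not phpMyAdmin code and does not use its internals: a minimal "echo back what the client posted as a download" endpoint, first in the unprotected form (no login, no token), then in a hardened form that rejects requests without an authenticated session and a matching per-session token. The session keys `user_logged_in` and `token`, and the `file_echo_*` function names, are hypothetical; real applications use their own markers.

```php
<?php
// Added illustration, not phpMyAdmin code. Both functions take the POST body
// and return a response description instead of writing to the output buffer,
// so they can be exercised from the CLI without a web server.

// --- Unprotected shape (what the review objects to) ---
// Anyone who can reach this URL can POST `filename` and `data` and receive
// those bytes back as a download that appears to originate from this host.
function file_echo_unprotected(array $post): array
{
    $filename = (string)($post['filename'] ?? 'export.txt');
    return [
        'status'  => 200,
        'headers' => [
            'Content-Type'        => 'application/octet-stream',
            'Content-Disposition' => 'attachment; filename="' . $filename . '"',
        ],
        'body'    => (string)($post['data'] ?? ''),
    ];
}

// --- Hardened shape ---
// 1. The request must belong to an authenticated session.
// 2. The request must carry the session's anti-CSRF token.
// 3. The filename is limited to a safe character set.
// 4. The response is marked as an attachment and nosniff so a browser does
//    not render attacker-supplied bytes as a page served by this origin.
function file_echo_protected(array $post, array $session): array
{
    // (1) Hypothetical login marker in the session.
    if (empty($session['user_logged_in'])) {
        return ['status' => 403, 'headers' => [], 'body' => 'not logged in'];
    }

    // (2) Constant-time comparison of the per-session token.
    $expected = (string)($session['token'] ?? '');
    $given    = (string)($post['token'] ?? '');
    if ($expected === '' || !hash_equals($expected, $given)) {
        return ['status' => 403, 'headers' => [], 'body' => 'token mismatch'];
    }

    // (3) Allow only a conservative filename; fall back otherwise.
    $filename = (string)($post['filename'] ?? 'export.txt');
    if (!preg_match('/\A[A-Za-z0-9._-]{1,64}\z/', $filename)) {
        $filename = 'export.txt';
    }

    // (4) Serve as an opaque attachment.
    return [
        'status'  => 200,
        'headers' => [
            'Content-Type'           => 'application/octet-stream',
            'Content-Disposition'    => 'attachment; filename="' . $filename . '"',
            'X-Content-Type-Options' => 'nosniff',
        ],
        'body'    => (string)($post['data'] ?? ''),
    ];
}

// Constructed driver, run only from the command line.
if (PHP_SAPI === 'cli') {
    $session = ['user_logged_in' => true, 'token' => bin2hex(random_bytes(16))];
    $post    = ['filename' => 'dump.sql', 'data' => "SELECT 1;\n"];

    // The unprotected endpoint serves the request regardless of session state.
    echo 'unprotected: ', file_echo_unprotected($post)['status'], PHP_EOL;

    // Without a token the hardened endpoint refuses.
    echo 'no token:    ', file_echo_protected($post, $session)['status'], PHP_EOL;

    // With the session's own token it serves the download.
    $post['token'] = $session['token'];
    echo 'with token:  ', file_echo_protected($post, $session)['status'], PHP_EOL;
}
```

The point of the hardened form is that the token check alone is not enough: the login check is what prevents an anonymous visitor from using the host as a relay, and the attachment plus nosniff headers limit what a browser will do with the echoed bytes even when a logged-in user is tricked into requesting them.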