Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
*** Serious vulnerability
02-15-2014, 10:46 PM (This post was last modified: 02-19-2014 09:13 PM by Forums.)
Post: #1
*** Serious vulnerability
Revision 6571 with commit message "Andrew Galuski: WOSerialNos fix for quantity number format error;" overwrites the the $_SESSION['DatabaseName'] variable with a value from the $_GET array which is undesirable for obvious reasons. Can somebody fix it?

Thanks
Tim
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Messages In This Thread
*** Serious vulnerability - Forums - 02-15-2014 10:46 PM
RE: Potential vulnerability - agaluski - 02-18-2014, 12:00 AM
RE: Potential vulnerability - Forums - 02-18-2014, 12:33 AM
RE: Potential vulnerability - icedlava - 02-19-2014, 06:00 PM
RE: Potential vulnerability - phil - 02-19-2014, 06:24 PM
RE: Potential vulnerability - icedlava - 02-19-2014, 06:30 PM
RE: Potential vulnerability - Forums - 02-19-2014, 07:28 PM
RE: Potential vulnerability - icedlava - 02-19-2014, 08:55 PM
RE: Potential vulnerability - Forums - 02-19-2014, 09:12 PM
RE: Potential vulnerability - icedlava - 02-19-2014, 10:24 PM
RE: *** Serious vulnerability - Forums - 02-19-2014, 10:30 PM
RE: *** Serious vulnerability - icedlava - 02-19-2014, 10:38 PM
RE: *** Serious vulnerability - Forums - 02-19-2014, 11:22 PM
RE: *** Serious vulnerability - jo lwebuga - 02-20-2014, 02:35 AM
RE: *** Serious vulnerability - phil - 02-20-2014, 01:00 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)