small security problem in anycontent.php small security problem in anycontent.php
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

small security problem in anycontent.php

Started by Andi, December 12, 2004, 07:18:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Andi

Hi :)

if you open the file anycontent.php directly, the following message appears:

QuoteFatal error: Call to undefined function starttable() in xxx\anycontent.php on line 32

Version:
anycontent.php,v 1.10 2004/09/25 19:09:40 caspershadow
hope, I could help you... :)

Casper

Yes, but anycontent.php is not designed to be called directly.  It works fine when used as designed.

How is this a security problem?


It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

Andi

QuoteHow is this a security problem?

Hi :)

so called "full path disclosure"
hope, I could help you... :)

kegobeer

#3
Fixed easily enough with
if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Joachim Müller