phpBMS

Context Navigation

← Previous Change
Next Change →

Changeset 704 for trunk/phpbms/modules/bms/aritems_aging.php

Timestamp:

01/01/10 23:10:02 (2 years ago)

Author:

brieb

Message:

Fixed several SQL injection vulnerabilities
Fixed several XSS vulnerabilities due to PHP_SELF and REQUREST_URI
Fixed severa path disclosure errors

Files:

: 1 modified

trunk/phpbms/modules/bms/aritems_aging.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/phpbms/modules/bms/aritems_aging.php

r702	r704
156	156	$phpbms->showMenu = false;
157	157
158		$formSubmit = ~~str_replace("&","&",~~$_SERVER['REQUEST_URI']);
	158	$formSubmit = htmlentities($_SERVER['REQUEST_URI']);
159	159
160	160	include("header.php");

Download in other formats:

phpBMS vulnerability assesment provided by Orvant Inc. Copyright © 2010 Kreotek, LLC. All Rights reserved.