phpBMS

Context Navigation

← Previous Change
Next Change →

Changeset 704 for trunk/phpbms/modules/bms/report/aritems_summary.php

Timestamp:

01/01/10 23:10:02 (2 years ago)

Author:

brieb

Message:

Fixed several SQL injection vulnerabilities
Fixed several XSS vulnerabilities due to PHP_SELF and REQUREST_URI
Fixed severa path disclosure errors

Files:

: 1 modified

trunk/phpbms/modules/bms/report/aritems_summary.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/phpbms/modules/bms/report/aritems_summary.php

r703	r704
434	434	$phpbms->showMenu = false;
435	435
436		$formSubmit = ~~str_replace("&","&",~~$_SERVER['REQUEST_URI']);
	436	$formSubmit = htmlentities($_SERVER['REQUEST_URI']);
437	437
438	438	$theform = new phpbmsForm();

Download in other formats:

phpBMS vulnerability assesment provided by Orvant Inc. Copyright © 2010 Kreotek, LLC. All Rights reserved.