PHP-Fusion Setuser.PHP HTML Injection Vulnerability
Solution: A fix for this issue is pending release. Customers are advised to edit 'fusion_core.php'. Look for the following lines, located after line 150:

    if (isset($_POST['login'])) {
        $result = dbquery("SELECT * FROM ".$fusion_prefix."users WHERE user_name='".$_POST['user_name']."' and user_password=md5('".$_POST['user_pass']."')");

Replace the above code with these 4 lines:

    $user_name = stripinput($_POST['user_name']);
    $user_pass = md5($_POST['user_pass']);
    if (!preg_match("/^[-0-9A-Z_@\s]+$/i", $user_name)) { header("Location: ".FUSION_BASE."index.php"); exit; }
    $result = dbquery("SELECT * FROM ".$fusion_prefix."users WHERE user_name='$user_name' and user_password='$user_pass'");
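The workaround above relies on an allowlist check before the user name reaches the query. The following is an added example, not PHP-Fusion code, that applies the advisory's pattern to a few constructed inputs and shows the same lookup written with a bound parameter; it assumes a mysqli handle $db (with mysqlnd, for get_result) and the table prefix variable $fusion_prefix from the page, and keeps the advisory's md5 storage format.

```php
<?php
// Added example for the advisory above; not the project's own code.

// Same allowlist as the advisory's fix: letters, digits, '-', '_', '@' and
// whitespace only. Quote and angle-bracket characters never pass.
function user_name_is_valid(string $name): bool {
    return preg_match("/^[-0-9A-Z_@\s]+$/i", $name) === 1;
}

// Hardened lookup: the user name is validated first and then bound as a
// parameter, so it never becomes part of the SQL text. Returns the user row
// or null. $db is an assumed mysqli connection.
function find_user(mysqli $db, string $fusion_prefix, string $name, string $pass): ?array {
    if (!user_name_is_valid($name)) {
        return null;
    }
    $hash = md5($pass);  // advisory's storage format, kept as-is
    $stmt = $db->prepare(
        "SELECT * FROM {$fusion_prefix}users WHERE user_name = ? AND user_password = ?"
    );
    $stmt->bind_param("ss", $name, $hash);  // bind_param needs variables, not expressions
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Constructed sample inputs: the second carries a single quote, the third HTML
// markup; both are rejected before any query is built.
$samples = ["alice_01", "o'brien", "<b>bob</b>", "carol@example"];
foreach ($samples as $s) {
    printf("%-16s %s\n", $s, user_name_is_valid($s) ? "accepted" : "rejected");
}
```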