|
|
CGIForum "thesection" Directory Traversal Vulnerability
Solution: Excerpted from vendor's advisory (http://www.dcscripts.com/dcforum/dcfNews/124.html) -------- FIX - In dcboard.cgi and dcadmin.cgi, after $r_in = \%in; ADD $r_in->{'forum'} =~ s/\W//g; NOTE - That's an uppercase W. Please apply this patch as soon as possible. ------------------------- David -------- |
|
Privacy Statement |