textcounter.pl Arbitrary Command Execution Vulnerability

Solution:
This temporary fix was provided by Doru Petrescu <doru@kappa.ro>:

The fix is very simple: add after line 91 another line that will make sure that there are NO tricky characters in the filename.

$count_page = "$ENV{'DOCUMENT_URI'}"; # the original line 91 ....
# ord() gives sprintf the character's numeric code; a bare $1 would always format as 00
$count_page =~ s/([^a-z0-9])/sprintf("%%%02X",ord($1))/ge; # ADD THIS !!!!!
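
The allowlist encoding above, run over sample input. This is an added example, not code from textcounter.pl or from the original fix; the helper names encode_page and decode_page and the sample DOCUMENT_URI values are constructed for illustration. It passes ord($1) to sprintf so that each character gets its own hex code, then checks that every resulting name contains only a-z, 0-9 and %XX escapes and that distinct pages never share a counter file.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: hex-encode every character outside a-z and 0-9,
# the same substitution as the one-line fix.
sub encode_page {
    my ($uri) = @_;
    (my $name = $uri) =~ s/([^a-z0-9])/sprintf("%%%02X", ord($1))/ge;
    return $name;
}

# Inverse mapping, used here only to show the encoding loses no information.
sub decode_page {
    my ($name) = @_;
    (my $uri = $name) =~ s/%([0-9A-F]{2})/chr(hex($1))/ge;
    return $uri;
}

# Constructed sample values for DOCUMENT_URI (not taken from the advisory).
my @samples = (
    '/index.shtml',
    '/docs/Page One.shtml',
    '/a/b.shtml',
    '/a.b/shtml',
    '/x.shtml;id|',
    '../../etc/passwd',
);

my %seen;
for my $uri (@samples) {
    my $name = encode_page($uri);
    # Only lowercase letters, digits and %XX escapes may survive.
    die "unsafe name: $name\n"
        unless $name =~ /\A(?:[a-z0-9]|%[0-9A-F]{2})+\z/;
    # Round trip: the original URI must be recoverable from the name.
    die "not reversible: $uri\n" unless decode_page($name) eq $uri;
    # Distinct URIs must map to distinct counter files.
    die "collision on $name\n" if $seen{$name}++;
    printf "%-24s -> %s\n", $uri, $name;
}
```

The pair /a/b.shtml and /a.b/shtml is the case to watch: if the character code is not taken with ord(), every escape formats as %00 and the two pages end up with the same counter name.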

An upgrade is also available:


Matt Wright TextCounter 1.2


 

Copyright 2010, SecurityFocus