Re: Full path disclosure and sql injection on CubeCart 2.0.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In-Reply-To: <20041006144016.28823.qmail@xxxxxxxxxxxxxxxxxxxxx>

Solution

INSERT
  
if (!is_numeric($cat_id))
   unset($cat_id); 

BEFORE

include("header.inc.php");

IN

index.php
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux