
Security

Possible CSS vulnerability in search.php

  • Sunday, April 07 2002 @ 11:41 am EDT
  • Contributed by: Anonymous
  • Views: 4,944
I think search.php of geeklog-1.3.x has a possible cross-site scripting vulnerability. For example, let's put this string in as the search keyword.

<script>alert(self.location)</script>

This gives an alert window when JavaScript is enabled.
Because any HTML tags are transparently displayed in the "No matches" screen, and search.php accepts the GET method, this can be easily exploited in the manner of ordinary cross-site scripting attacks.
This simple patch for search.php can prevent this type of attack.

--- search.php Fri Apr 5 01:21:15 2002
+++ search.php.org Mon Apr 8 03:38:07 2002
@@ -264,7 +264,7 @@
$retval .= $searchresults->parse(\'output\',\'searchresults\');
} else {
$retval .= COM_startBlock($LANG09[13])
- . $LANG09[14].\' <b>\'.htmlentities($query).\'</b> \'.$LANG09[15]
+ . $LANG09[14].\' <b>\'.$query.\'</b> \'.$LANG09[15]
. COM_endBlock();
}
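
Review bot: the patch is generated in the wrong direction. The file headers go from search.php to search.php.org, and in the hunk the `-` line is the one calling `htmlentities($query)` while the `+` line concatenates the raw `$query`, so applying it as posted removes the escaping instead of adding it. Regenerate it with the original file first (`diff -u search.php.org search.php`) so that the `htmlentities($query)` line is the `+` line. The value is emitted as element content inside `<b>`, where htmlentities is the right encoding; any other place in search.php that echoes `$query` lies outside this hunk and needs the same check.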

Using index.htm

  • Thursday, March 21 2002 @ 02:13 pm EST
  • Contributed by:
  • Views: 9,070
Hi folks, this is a tip. In every directory that doesn't contain an index file, place a blank text file and name it index.htm. I do this on all my themes and geeklog directories and I highly suggest you do it as well. This will prevent snooping, even if it's only an images directory. Also, concerning the recent discovery of how many folks left their install.php alone, if you renamed your install file to muahahayoullneverguessthenameofmyinstall.php, it's not gonna do any good if someone visits http://yoursite.com/admin/install/. If you're gonna rename it, try a .txt extension or something. Enjoy. :)
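
One way to audit a web root for the two points in the tip above, as an added example that is not part of the original post: it lists directories with no index file, drops a blank index.htm into them, and reports any .php file left in the installer directory. The function names, the index file names and the sample tree are assumptions; the admin/install path is taken from the URL in the post.

```shell
#!/bin/sh
# Added example, not from the original post. The index names are an assumption:
# they must match what your web server actually serves as a directory index.
INDEX_NAMES="index.htm index.html index.php"

# Print each directory under $1 that contains none of INDEX_NAMES.
list_unindexed_dirs() {
    find "$1" -type d | sort | while IFS= read -r dir; do
        found=0
        for name in $INDEX_NAMES; do
            if [ -f "$dir/$name" ]; then found=1; fi
        done
        if [ "$found" -eq 0 ]; then printf '%s\n' "$dir"; fi
    done
}

# Drop a blank index.htm into each directory reported above, as the tip suggests.
add_blank_indexes() {
    list_unindexed_dirs "$1" | while IFS= read -r dir; do
        : > "$dir/index.htm"
    done
}

# Print any .php file still in the installer directory: a renamed installer is
# still executable PHP and is visible wherever a directory listing is served.
list_installer_scripts() {
    if [ -d "$1/admin/install" ]; then
        find "$1/admin/install" -type f -name '*.php' | sort
    fi
}

# Constructed sample tree so the example runs offline.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/images" "$root/layout/theme" "$root/admin/install"
    : > "$root/index.php"
    : > "$root/admin/install/renamed-installer.php"
    printf '%s\n' "$root"
}

demo_root=$(make_sample_tree)
list_unindexed_dirs "$demo_root"      # the 5 directories lacking an index file
list_installer_scripts "$demo_root"   # the renamed installer script
add_blank_indexes "$demo_root"
rm -rf "$demo_root"
```

A blank index.htm only helps if the server is configured to serve that name as the directory index; turning off automatic listings in the server itself (for Apache, `Options -Indexes`) covers directories the script never visits.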

Totally Removing the Anonymous Response

  • Wednesday, January 30 2002 @ 09:08 am EST
  • Contributed by:
  • Views: 5,998
How does one remove the ability to respond to a story or message anonymously? We have had some people leave replies to some of our posts anonymously and I want to have that feature disabled.

I've already removed the anonymous posting in MySQL. Now, I just need it at the blog level.

My thanks in advance.
