Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13649
HistoryJul 27, 2006 - 12:00 a.m.

Full Path Disclosure xGuestBook v1.02

2006-07-2700:00:00
vulners.com
29

###################Dicomdk####################
Full Path Disclosure xGuestBook v1.02 #
#
http://xatrix.xa.funpic.de/xguestbook2/ #
#
By : X-boy #
##############################################

http://[HOST]/post.php

Test : http://xatrix.xa.funpic.de/xguestbook2/post.php

Result :

Notice: Undefined index: user in [site]\post.php on line 15

Notice: Undefined index: mail in [site]\post.php on line 16

Notice: Undefined index: p in [site]\post.php on line 17

Notice: Undefined index: url in [site]\post.php on line 19

##############################################
Patch : #
##############################################

-Open post.php
-Find :

         $user  = HTMLSPECIALCHARS(trim($_POST['user']));
         $email = HTMLSPECIALCHARS(trim($_POST['mail']));
         $post  = nl2br(HTMLSPECIALCHARS($_POST['p']));
         $post  = str_replace("  ","  ",$post);
         $url   = HTMLSPECIALCHARS(trim($_POST['url']));
         $date  = date("Y-m-d g:i:s");

-Change to :

if (isset($_POST['user']) AND isset($_POST['mail']) AND isset($_POST['p']) AND isset($_POST['url']))
{
$user = HTMLSPECIALCHARS(trim($_POST['user']));
$email = HTMLSPECIALCHARS(trim($_POST['mail']));
$post = nl2br(HTMLSPECIALCHARS($_POST['p']));
$post = str_replace(" ","  ",$post);
$url = HTMLSPECIALCHARS(trim($_POST['url']));
$date = date("Y-m-d g:i:s");
}

##############################################