<<< Date Index >>>     <<< Thread Index >>>

AW: phpWebSite-0.10.0_exploit



actually this bug seems to be fixed long time ago by adding following code
to the EZform.php
----
    if (is_null($allowedImages) || !is_array($allowedImages)) {
      include(PHPWS_SOURCE_DIR.'conf/allowedImageTypes.php');
      $allowedImages = $allowedImageTypes;
    }

    $fileTypes = implode(", ", $allowedImages);

    if (!in_array($_FILES[$postVar]["type"], $allowedImages)){
      $error = new PHPWS_Error("EZform", "saveImage", "Submitted image
must be $fileTypes file.");
      return $error;
    }
----

code of the allowedImageTypes.php
----

<?php

/* Image types which are allowed to be uploaded via phpwebsite modules */
/* Added 12/03/2003 (might not be implemented in all modules yet */

$allowedImageTypes = array("image/jpeg",
                           "image/jpg",
                           "image/pjpeg",
                           "image/png",
                           "image/x-png",
                           "image/gif",
                           "image/wbmp");

?>
----

 --- Ursprüngliche Nachricht ---
Datum: 24.02.2005 23:16
Von: tjomka <tjomka@xxxxxxxxxxxx>
An: bugtraq@xxxxxxxxxxxxxxxxx
Betreff: phpWebSite-0.10.0_exploit

> phpWebSite-0.10.0_exploit
>