AW: phpWebSite-0.10.0_exploit
actually this bug seems to be fixed long time ago by adding following code
to the EZform.php
----
if (is_null($allowedImages) || !is_array($allowedImages)) {
include(PHPWS_SOURCE_DIR.'conf/allowedImageTypes.php');
$allowedImages = $allowedImageTypes;
}
$fileTypes = implode(", ", $allowedImages);
if (!in_array($_FILES[$postVar]["type"], $allowedImages)){
$error = new PHPWS_Error("EZform", "saveImage", "Submitted image
must be $fileTypes file.");
return $error;
}
----
code of the allowedImageTypes.php
----
<?php
/* Image types which are allowed to be uploaded via phpwebsite modules */
/* Added 12/03/2003 (might not be implemented in all modules yet */
$allowedImageTypes = array("image/jpeg",
"image/jpg",
"image/pjpeg",
"image/png",
"image/x-png",
"image/gif",
"image/wbmp");
?>
----
--- Ursprüngliche Nachricht ---
Datum: 24.02.2005 23:16
Von: tjomka <tjomka@xxxxxxxxxxxx>
An: bugtraq@xxxxxxxxxxxxxxxxx
Betreff: phpWebSite-0.10.0_exploit
> phpWebSite-0.10.0_exploit
>