phpweb /version.php Vul
catalog
1. 漏洞描述 2. 漏洞触发条件 3. 漏洞影响范围 4. 漏洞代码分析 5. 防御方法 6. 攻防思考
1. 漏洞描述
Relevant Link:
2. 漏洞触发条件
3. 漏洞影响范围
4. 漏洞代码分析
5. 防御方法
/version.php
<?php define( "PHPWEB_VERSION", "1.4.3" ); define( "PHPWEB_RELEASE", "20100925" ); /**/ function cleanArrayForMysql($data) { if(!get_magic_quotes_gpc()) { //security filter Recursive return (is_array($data)) ? array_map('cleanArrayForMysql', $data) : addslashes($data); } else { return $data; } } $_REQUEST = cleanArrayForMysql($_REQUEST); $_GET = cleanArrayForMysql($_GET); $_POST = cleanArrayForMysql($_POST); $_COOKIE = cleanArrayForMysql($_COOKIE); /**/ ?>
6. 攻防思考
Copyright (c) 2015 LittleHann All rights reserved