The Forum has been Updated
The code has been upgraded to the latest .NET core version. Please check instructions in the Community Announcements about migrating your account.
this fix relates to http://secunia.com/advisories/24358/
in pop_profile.asp look for the following lines of code
parts = split(rs("M_MSN"),"@")
in a clean pop_profile this will be on line 334 and again on line 609
replace that line with the line below.
parts = split(ChkString(rs("M_MSN"), "display"),"@")
Alternatively you can just disable the MSN messanger link from the admin options<
in pop_profile.asp look for the following lines of code
parts = split(rs("M_MSN"),"@")
in a clean pop_profile this will be on line 334 and again on line 609
replace that line with the line below.
parts = split(ChkString(rs("M_MSN"), "display"),"@")
Alternatively you can just disable the MSN messanger link from the admin options<
Postet den
Thanks Huw!
I wanted to check to see if anybody had attempted to exploit this on any of my fora and so I ran the following SQL query:
select MEMBER_ID, M_MSN from FORUM_MEMBERS where M_MSN != '';
and then browsed the M_MSN field for script.
Was I looking in the right place? i.e. Is that where the script would have been placed?<
I wanted to check to see if anybody had attempted to exploit this on any of my fora and so I ran the following SQL query:
select MEMBER_ID, M_MSN from FORUM_MEMBERS where M_MSN != '';
and then browsed the M_MSN field for script.
Was I looking in the right place? i.e. Is that where the script would have been placed?<
Postet den
yes, that is the correct field to look in<
Postet den
Hi,
I founded this vulnerability and your solution doesn't really work, I could exploit it on my test site with no problems at all.
The single quotes are the real problem, using "display" only replaces double quotes and "plus" signs.
Bye
P.S.: also the vulnerability is found in pop_messengers.asp<
I founded this vulnerability and your solution doesn't really work, I could exploit it on my test site with no problems at all.
The single quotes are the real problem, using "display" only replaces double quotes and "plus" signs.
Bye
P.S.: also the vulnerability is found in pop_messengers.asp<
Postet den
Hmm, hard to put replace(x,"'","''") thing?<
Postet den
Originally posted by Stefano Angaranperhaps in future you could follow the guidlines of secunia and inform us the developers of your findings rather than being a twat and making a public report about it.<
Hi,
I founded this vulnerability and your solution doesn't really work, I could exploit it on my test site with no problems at all.
The single quotes are the real problem, using "display" only replaces double quotes and "plus" signs.
Bye
P.S.: also the vulnerability is found in pop_messengers.asp