Revenue Source

Welcome to the Revenue Source affiliate marketing forums.

You are viewing our internet marketing and SEO forums as a guest which gives you limited access to most of our discussions.  By joining our free community, you will have access to post affiliate marketing topics, communicate privately with other members (PM), exchange SEO strategies, and access many other special features.  Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems, please don't hesitate to contact us.

Go Back   Revenue Source > Site Design & Development > Programming Help
Reload this Page Secunia.com: CodeIgniter Weakness and Directory Traversal Vulnerability
Tags: , , , , ,

Reply
 
LinkBack Thread Tools Search this Thread
Old
  (#1 (permalink))
Affiliate Blogs is Offline
Revenue Source Veteran
Affiliate Blogs has a brilliant future here!
 
Affiliate Blogs's Avatar
 
Join Date: Oct 2005
Posts: 9,223
Jack of All Trades
CyberSpace United States
   
Secunia.com: CodeIgniter Weakness and Directory Traversal Vulnerability - 07-11-2007
On the Secunia.com site today, there's a new vulnerability posted that users of the CodeIgniter framework should pay attention to - a "weakness and directory traversal vulnerability".
Lukasz Pilorz has reported a vulnerability and a weakness in CodeIgniter, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting and header injection attacks.
There are two problems that lead to this issue - a non-sanitized input parameter and unsanitized data being passed to the xss_clean function. These issues affect CodeIgniter version 1.5.3 and, as of the time of this post, no update has been made in an official release. It is mentioned, however, that the problem has been fixed in the CVS and is waiting for a release.


Secunia.com: CodeIgniter Weakness and Directory Traversal Vulnerability - Read More...
  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Michael Kimsal's Blog: Latest podcast (WebDevRadio) | Mindloop Blog: Htmlpurifier and the CodeIgniter framework »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: Secunia.com: CodeIgniter Weakness and Directory Traversal Vulnerability
Thread Thread Starter Forum Replies Last Post
Secunia.com: PHP Integer Overflow Vulnerability and Security Bypass Affiliate Blogs Programming Help 0 06-01-2007 04:44 PM
Joseph Crawford's Blog: CodeIgniter Affiliate Blogs Programming Help 0 05-14-2007 02:44 PM
CodeIgniter Blog: New Site Enhancements Affiliate Blogs Programming Help 0 04-30-2007 07:13 PM
Hardened-PHP Project: WordPress Vulnerability Advisories (XSS & Trackbacks) Affiliate Blogs Programming Help 0 01-05-2007 06:40 PM
Hardened-PHP Project: Dotdeb PHP Email Header Injection Vulnerability Affiliate Blogs Programming Help 0 11-14-2006 10:23 PM



© 2004-6 RevenueSource.com.  All rights reserved.  Do not duplicate or redistribute in any form.
This website and its logos/design are property of RevenueSource.com.  All rights reserved. vBSEO 3.2.0 RC7

Contact Us - Affiliate Marketing & SEO Forums - Archive - Top

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34