- 26 Ara 2011
- 11,500
- 12,867
SMF_All_Versions\\Simple Machines Forum = 1.1.4 Sql Injection Vulnerability
source/search.phpyi Açın,
if (!is_array($_REQUEST[brd]) && !empty($_REQUEST[brd]))
Satırını,
if (!empty($_REQUEST[brd]) && !is_array($_REQUEST[brd]))
ile Değiştirin.
source/display.php Dosyasını Açın,
name => $attachment[filename],
downloads => $attachment[downloads],
size => round($attachment[filesize] / 1024, 2) . . $txt[smf211],
byte_size => $attachment[filesize],
href => $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH],
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . $attachment[filename] . </a>,
Kısmını
name => htmlspecialchars($attachment[filename]),
downloads => $attachment[downloads],
size => round($attachment[filesize] / 1024, 2) . . $txt[smf211],
byte_size => $attachment[filesize],
href => $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH],
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . htmlspecialchars($attachment[filename]) . </a>,
Olarak değiştiriyoruz.
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . $attachment[filename] . </a>,
Buluyoruz,
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . htmlspecialchars($attachment[filename]) . </a>,
ile Değiştiriyoruz..
source/search.phpyi Açın,
if (!is_array($_REQUEST[brd]) && !empty($_REQUEST[brd]))
Satırını,
if (!empty($_REQUEST[brd]) && !is_array($_REQUEST[brd]))
ile Değiştirin.
source/display.php Dosyasını Açın,
name => $attachment[filename],
downloads => $attachment[downloads],
size => round($attachment[filesize] / 1024, 2) . . $txt[smf211],
byte_size => $attachment[filesize],
href => $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH],
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . $attachment[filename] . </a>,
Kısmını
name => htmlspecialchars($attachment[filename]),
downloads => $attachment[downloads],
size => round($attachment[filesize] / 1024, 2) . . $txt[smf211],
byte_size => $attachment[filesize],
href => $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH],
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . htmlspecialchars($attachment[filename]) . </a>,
Olarak değiştiriyoruz.
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . $attachment[filename] . </a>,
Buluyoruz,
link => <a href= " . $scripturl . ?action=dlattach;topic= . $topic . .0;attach= . $attachment[ID_ATTACH] . "> . htmlspecialchars($attachment[filename]) . </a>,
ile Değiştiriyoruz..