If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Patch for usergent exploit.  XML
Forum Index » Advanced Guestbook Forum
Author Message
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

As I posted about a long time ago their is an exploit in Advanced Guestbook whereby HTML can be posted by altering a browser useragent. You can currently see this in posts 7001 and 7002 of this sites guestbook. To patch this open lib/add.class.php and find

Replace it with

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum