« 免费Invision Power Board服务提供商--IPBFree.com | 首页 | Resurrection »

分类: 论坛记

2004年03月04日

IPB Security Update for 1.3 #3

Matt said on 3rd Mar. 2004 "It has come to our attention that a small vulnerability may exist in Invision Power Board v1.3. As always we take security very seriously and have released an update."

The update is very easy to apply. Simply download the attached ZIP file, uncompress and upload 'Search.php' into your 'sources' folder overwriting the original contained in your IPB installation.

search.zip


The main download zip has been updated.

The changed section of code can be found near the top of the file at line 125 (modified lines in bold).


$this->lib = new search_lib(&$this);


$ibforums->input['st'] = intval($ibforums->input['st']);

if ( $ibforums->input['st'] )
{
$this->first = $ibforums->input['st'];
}

//--------------------------------------------
// What to do?
//--------------------------------------------

if (! isset($ibforums->member['g_use_search']) )
{
$std->Error( array( LEVEL => 1, MSG => 'cant_use_feature') );
}

您可直接从以上给出的链接下载search.zip,解压后上传覆盖即可,或者按照上面的代码直接修改粗体部分。

Posted by POPOEVER at 2004年03月04日 11:48 | back to top
标签:
Featured

Trackback Pings

本篇日志的回溯引用地址:

http://plod.popoever.com/acp630/mt-tb.cgi/179

Comments

Post a comment

说老实话,做开心人,欢迎您留露箴言
即便如此,也请遵纪守法,勿放厥辞
汝国如汝母,辱国如辱母,吾辈当自强
您的观点仅代表个人,与本站无关,望请自尊

Thanks for signing in, . Now you can comment. (sign out)

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


Remember me?