[pmwiki-devel] $12.50 -> .50 var problem
W Randolph Franklin
pmwiki at wrfranklin.org
Tue Apr 10 13:47:19 CDT 2007
This is about a user-supplied field containing '$' having the '$'
being treated as the special char that it is.
Since no one else seems to have mentioned it:
Inserting unchecked user-supplied text into a program and then
reparsing, which is what this seems to amount to, is a
horrible security situation. In the worst case, an attacker gets
complete control of your system.
A similar exploit has been used to make RFID tags trick the
database system that queries them into executing arbitrary code.
--
W. Randolph Franklin
pmwiki at wrfranklin.org (Plaintext preferred; attachments
deprecated)
http://wrfranklin.org/
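An added illustration of the "$12.50 -> .50" mangling in the subject line and of one mitigation; this is not code from the post or from PmWiki, but a hypothetical `$name` template expander written in Python for this thread, where an undefined variable expands to the empty string and `$$` is a literal dollar sign.

```python
import re

# Hypothetical template expander, written to illustrate the report above;
# it is not PmWiki's own code. "$name" (or "$12") expands to a variable's
# value, an undefined variable expands to "", and "$$" is a literal "$".
VAR_RE = re.compile(r"\$(\$|[A-Za-z_][A-Za-z0-9_]*|\d+)")


def expand_vars(text: str, variables: dict) -> str:
    """Expand $name references in text using the given variable table."""
    def repl(m: re.Match) -> str:
        token = m.group(1)
        if token == "$":
            return "$"                           # escaped literal dollar sign
        return str(variables.get(token, ""))     # undefined variable -> ""
    return VAR_RE.sub(repl, text)


def escape_literal(user_text: str) -> str:
    """Neutralise '$' in user-supplied text so the expander treats it as data."""
    return user_text.replace("$", "$$")


def render_unsafe(template: str, user_text: str, variables: dict) -> str:
    """Insert raw user text into the template, then expand the whole thing.

    This is the pattern the post warns about: the user's text is reparsed by
    the expander, so a '$' inside it is treated as a variable reference.
    """
    return expand_vars(template.replace("{field}", user_text), variables)


def render_safe(template: str, user_text: str, variables: dict) -> str:
    """Escape the user text before insertion so it survives expansion intact."""
    escaped = escape_literal(user_text)
    return expand_vars(template.replace("{field}", escaped), variables)


# Constructed sample input: one page variable and one user-entered field.
TEMPLATE = "Page $Title: price is {field}"
VARS = {"Title": "Shop"}
USER_FIELD = "$12.50"   # the value from the subject line of the post

if __name__ == "__main__":
    # "$12" is read as an undefined variable, so only ".50" is left.
    print(render_unsafe(TEMPLATE, USER_FIELD, VARS))  # Page Shop: price is .50
    print(render_safe(TEMPLATE, USER_FIELD, VARS))    # Page Shop: price is $12.50
```

The escaping only holds if expansion runs exactly once; a second reparse of the output would turn `$$` back into `$` and mangle the value again, which is why keeping user data out of the reparsed text altogether is the more robust fix.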