[pmwiki-devel] PITS/01030
Petko Yotov
5ko at 5ko.fr
Thu Jun 26 03:00:35 CDT 2008
Thanks for your message.
On Thursday 26 June 2008 02:39:59 DaveG wrote:
> The way I read this is that you'd need to have authform active, and
> allow people login access, or access to the login form -- which your
> test site doesn't appear to do.
It does, I have authform active, you can go to
http://galleries.accent.bg/Cookbook/Cookbook?action=login .
> From there, we can apparently call the
> login routine and append bogus php command:
> &login_vars..., is_admin()
>
> which will get executed.
There is no "is_admin()" function in PmWiki, and I cannot see any way an
attacker could execute any other existing function with this form; that is
why I asked for a real example.
Petko