[wp-trac] [WordPress Trac] #3891: Multiple Errors When passing as
an array variables "m" and "cat" (Only with PHP Register Globals ON)
WordPress Trac
wp-trac at lists.automattic.com
Thu Mar 1 00:23:45 GMT 2007
#3891: Multiple Errors When passing as an array variables "m" and "cat" (Only with
PHP Register Globals ON)
---------------------+------------------------------------------------------
Reporter: g30rg3x | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.1.2
Component: General | Version: 2.1
Severity: normal | Keywords: m, cat, array, register globals
---------------------+------------------------------------------------------
As readed on SecurityFocus BugTraq Mailing List:[[BR]]
[http://www.securityfocus.com/archive/1/456731][[BR]][[BR]]
There is a defect when passing "m" as an a array, example:[[BR]]
http://host/?m[]=
[[BR]][[BR]]
Also i found that "cat" has the same bug like "m" value but only
disclouses a error in function urldecode():[[BR]]
http://host/?cat[]=
[[BR]][[BR]]
This bug/defect only works if "Register Globals" directive on PHP is
turned ON.[[BR]]
I Think this patch is a temporary solution to the problem and also i think
it could be solved in other area.[[BR]]
[[BR]]
Other live examples:[[BR]]
http://alexking.org/?m[]= [[BR]]
http://boren.nu/?m[]= [[BR]]
http://dougal.gunters.org/?cat[]= [[BR]]
--
Ticket URL: <http://trac.wordpress.org/ticket/3891>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list