hi Daniel,
opencart 1.5.2.1 bug like here description from http://www.waraxe.us/advisory-84.html is solved?
If you see any problem with '../' in url's then add to .htaccess this lines at all.
#check for exploits and send all blocked request to homepage with 403 Forbidden error!
RewriteCond %{QUERY_STRING} \.\.\/ [OR]
RewriteCond %{QUERY_STRING} auto_prepend_file
RewriteRule ^(.*)$ - [F,L,NS]
#check for exploits and send all blocked request to homepage with 403 Forbidden error!
RewriteCond %{QUERY_STRING} \.\.\/ [OR]
RewriteCond %{QUERY_STRING} auto_prepend_file
RewriteRule ^(.*)$ - [F,L,NS]
Thank you krokodylowy3,
but what do you mean by
Anticipated thx
but what do you mean by
And if I am NOT mistaken, AL can correct me here, but this Vulnerabilitie is JUST for host running on WINDOWS server, but I guess most of us here use Linux server, so arent effected I guess ..If you see any problem with '../' in url's
Anticipated thx
Who is online
Users browsing this forum: No registered users and 4 guests
