whoops I was pretty sure you had it to auto update. sorry guys :-)
hey I am going to agree with you guys on this one. I dont see how this exploit could work. I just played around with it to see if I can get...
Hey till or falko, Hey Sorry I haven't done anything in a few months. However, I was recently playing with clamav and noticed it isn't set to...
I talked with my friend about the problem and had him read the entire thread. He is firmilar with ISP Config and has looked at some of the source...
As far as rewriting escapeshellcmd goes, I think rewriting would be the best way to go. Escapeshellcmd's goal is to be a generic filter not an...
I am paranoid. However, I get paid to be paranoid so I guess it is ok. :-) What you think is best Till probably will be the way to go. I trust...
Sorry Till! I miss read the post thinking it was your post verses Dan's. After reading your filters I do see your point, I appologize. I...
possible other solution way to "secure" your statement $value will return a url ... for example purposes we will say /var/www/web[id]/cms...
ehh better but still has a lot of holes. I agree with Till on all his security points and he is a much better php programmer then I am. However,...
you were correct in your fear. I am not sure what rights the function would be granted but it could still be a big problem. This solution is...
possible idea... do we have a folder or group in cvs for mod's or extra's? Might be easier for people to help with? Especially with...
global variables, undeclared variables, and variables that are sent with post, get, cookies(basicly from the client to the server) would be the...
You are not alone in your request. We are currently working on creating plugins that will provide what you requested. I believe the phpnuke...
are we still using IRC? I switched over to windows on my main box inorder to play WoW and Civ 4 :-( . Know of a good FREE IRC client that runs...
Separate names with a comma.
