theme-edit, mod_security and xss injection attacks

File

Line

Function

/inc/class_error.php

153

errorHandler->error

/showthread.php

745

errorHandler->error_callback

File

Line

Function

/inc/class_error.php

153

errorHandler->error

/inc/class_parser.php

584

errorHandler->error_callback

/inc/class_parser.php

228

postParser->parse_mycode

/inc/functions_post.php

830

postParser->parse_message

/showthread.php

916

build_postbit

File

Line

Function

/inc/class_error.php

153

errorHandler->error

/inc/class_parser.php

584

errorHandler->error_callback

/inc/class_parser.php

228

postParser->parse_mycode

/inc/functions_post.php

861

postParser->parse_message

/showthread.php

916

build_postbit

File

Line

Function

/inc/class_error.php

153

errorHandler->error

/showthread.php(1650) : eval()'d code

errorHandler->error_callback

/showthread.php

1650

eval

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

theme-edit, mod_security and xss injection attacks

shawn_a Offline

Lead Developer

Posts: 6,267
Threads: 182
Joined: Sep 2011

2011-09-14, 23:52:50

Ok I jumped the gun on that, I still don't like the filename thing, Ive been locked down for stuff like that before.

But

Its actually the <Script> tags being caught for injections with SecFilter.

Instead of deleting my post I will just post a solution when I have one.

NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix

Website Find

« Next Oldest | Next Newest »

Messages In This Thread

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-14, 23:40:30

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-14, 23:52:50

theme-edit, mod_security and xss injection attacks - by yojoe - 2011-09-15, 17:36:29

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-15, 23:50:27

View a Printable Version

Users browsing this thread: 3 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me