[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ePersonnel_RC_2004 Remote File Bug

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: ePersonnel_RC_2004 Remote File Bug
From: the.tiger100@xxxxxxxxx
Date: 1 Sep 2007 18:23:20 -0000

man what is going on

this ain't exploit at all


if ($action == "logout")
{
    Setcookie("loginpwd","",time() -86400);
    Setcookie("loginuser","",time() - 86400);
    include($logout_page);
    exit;
}
else if ($action == "login")

u have if here and its say if u logout and u have exit too so it won't execute 
anything after that

Prev by Date: [SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities
Next by Date: [SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities
Previous by thread: [SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities
Next by thread: [SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities
Index(es):
- Date
- Thread