Urgent fix for security hole in phpNuke 6.5
Date: Sunday, March 23 @ 00:36:38 CET
Topic: Security


The fix for the issue described in the previous articles, as provided by Francisco Burzi, is as follows:
Everyone should edit the file modules/News/index.php and search for the function rate_article. You should change the first lines of the function to close the security hole.
File: modules/News/index.php
Function: rate_article
It currently looks like:
    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
It should be changed to:
    $score = intval($score);  // force the submitted score to an integer before any check
    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
        if ($score != 1 AND $score != 2 AND $score != 3 AND $score != 4 AND $score != 5) {
            Header("Location: index.php");
            die();
        }




The code has been updated to reflect the latest patch.
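
The effect of the patched lines on different submitted values, shown as an added example that is not part of the original article or of phpNuke. normalize_score() is a hypothetical helper that mirrors the patched checks and returns null where the patch would skip the block or redirect; the sample inputs are constructed.

```php
<?php
// Added illustration, not phpNuke code.
// normalize_score() is a hypothetical helper mirroring the patched
// first lines of rate_article in modules/News/index.php.
function normalize_score($raw): ?int
{
    // Cast first: after this line $score is always a PHP integer,
    // whatever text was submitted. Non-numeric input becomes 0.
    $score = intval($raw);

    // Mirrors "if ($score) {": a value of 0 skips the rating block.
    if (!$score) {
        return null;
    }

    // Clamp into the 1..5 range, as in the patch.
    if ($score > 5) { $score = 5; }
    if ($score < 1) { $score = 1; }

    // Whitelist check from the patch. After the cast and the clamp it
    // cannot fail; it is kept here because the patch has it. The patch
    // redirects to index.php and dies at this point; the helper returns null.
    if (!in_array($score, [1, 2, 3, 4, 5], true)) {
        return null;
    }

    return $score;
}

// Constructed sample inputs: plain digits, digits followed by text,
// text only, empty, out of range, fractional, leading whitespace.
$samples = ['3', '3abc', 'abc', '', '7', '-2', '3.9', ' 4'];

foreach ($samples as $raw) {
    $out = normalize_score($raw);
    printf("%-8s => %s\n", var_export($raw, true), var_export($out, true));
}
```

Every non-null result is one of the integers 1 to 5, so no submitted text survives past the cast.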



This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=104