> [BUG][EXPLOIT] Users.db.php in search
post Mar 14 2010, 02:50 PM
Post #1

Name: Disclosure of user database in search.php
Reported by: Stephan (via e-mail)
Author of fix: (lKj)
CuteNews Compatibility: 1.3.6 - * (no incompatibility reported yet) and UTF-8 CuteNews 1 - 8b (downloaded prior to Mar 13th 2010)
Description: If search.php is included on a page where show_news.php or show_archives.php has already been included, the whole contents of the user database will be shown in the Author field.
This issue has been fixed in UTF-8 CuteNews 8b as of March 13th 2010. Users who already have UTF-8 CuteNews 8b installed only have to overwrite show_news.php, show_archives.php and search.php from the new .zip at the UTF-8 CN project page.

In show_news.php, find:
unset($static, $template, $requested_cats, $category, $catid, $cat,$reverse, $in_use, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);

Replace with:
unset($static, $template, $requested_cats, $category, $catid, $cat,$reverse, $in_use, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives, $user);

In show_archives.php, find:
unset($template, $requested_cats, $reverse, $in_use, $archive, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);

Replace with:
unset($template, $requested_cats, $reverse, $in_use, $archive, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives, $user);

If you are using CuteNews 1.4.6, find in search.php:
// Define Users
$all_users = file("$cutepath/data/users.db.php");

If you are using UTF-8 CuteNews, find:
$story = utf8_htmlentities($story);
$title = utf8_htmlentities($title);

Add below:
if(!isset($user) && isset($_GET['user'])){
    $user = htmlentities($_GET['user']);
}

Upload those three files, check that the fix is successful and you're set.

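The leak mechanism described in the post, as an added example that is not code from the post or from CuteNews: PHP include files share the including script's variable scope, so a `$user` left behind by one script is still set when the next one builds its Author field. The two include files, their contents and the `$cleanup` switch are constructed stand-ins; the run also shows that the guard in the search script alone does not help unless the display script unsets `$user`.

```php
<?php
// Constructed model of the leak; file names and contents are hypothetical
// stand-ins, not CuteNews code.
$dir = sys_get_temp_dir() . '/include_scope_demo_' . getmypid();
mkdir($dir);

// Stand-in for a display script that loads user records into $user.
$showNews = '<?php
$user = "1|admin|<hash>|admin@example.test\n2|editor|<hash>|ed@example.test";
// ... render news using $user ...
if ($cleanup) { unset($user); }   // the fix: drop $user before returning
';

// Stand-in for a search form that echoes $user into the Author field.
$search = '<?php
if (!isset($user) && isset($_GET["user"])) {
    $user = htmlentities($_GET["user"]);
}
$form = "<input name=\"user\" value=\"" . (isset($user) ? $user : "") . "\">";
';

file_put_contents("$dir/show_news.inc.php", $showNews);
file_put_contents("$dir/search.inc.php", $search);

// Both includes run in this function's scope, the same way two includes
// on one page share that page's scope.
function render_page($dir, $cleanup, array $query) {
    $_GET = $query;
    include "$dir/show_news.inc.php";
    include "$dir/search.inc.php";
    return $form;
}

// Leftover $user from the first include fills the Author field.
echo "before fix:\n", render_page($dir, false, []), "\n\n";

// With unset($user) in the display script the field starts empty.
echo "after fix:\n", render_page($dir, true, []), "\n\n";

// A value supplied in the query string is entity-encoded before output.
echo "after fix, with ?user=:\n",
     render_page($dir, true, ['user' => '"><b>x']), "\n";

// Remove the temporary files.
array_map('unlink', glob("$dir/*.php"));
rmdir($dir);
```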
