PHP Injection Vulnerability. I need help.
Posted: Tue Jul 17, 2007 5:29 pm
I recently scanned my website for vulnerabilities. I came up with two huge ones: Blind SQL/XPath injection for numeric inputs and Directory traversal (Unix).
It's due to the following script.
I am new to PHP and am wondering how to fix it. Thanks.
<?php
require_once "config.inc.php";
require_once "includes/init.inc.php";
require "includes/filter.inc.php";

// TODO: Remove these completely
include ('modules/functions.php');
include ('skin/header.php');
include ('skin/side.php');

// TODO: Move or improve this
if (isset($_GET['act'])) {
    // $page is taken straight from the query string and used unvalidated
    // in a file path; this is the line the scanner flagged.
    $page = $_GET['act'];
    if (file_exists('pages/'.$page.'.php')) {
        include ('pages/'.$page.'.php');
        $cc = 'nothing';
    } else {
        include ('pages/index.php');
        $cc = 'home';
    }
} else {
    include ('pages/index.php');
}

// TODO: Remove these completely
include ('skin/right-side.php');
include ('skin/footer.php');
include ('skin/map.php');
?>
~ Codius
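A hardened replacement for the `if (isset($_GET['act']))` block, as an added example that is not the poster's code. It assumes the same `pages/*.php` layout and the same `act` query parameter; the page names in the allowlist are hypothetical and would be replaced by the site's real ones.

```php
<?php
// Added example, not the original poster's code. Assumes the pages/ layout
// and the ?act= parameter from the post; page names below are hypothetical.

// Allowlist: the only values of ?act= that may ever be included.
const ALLOWED_PAGES = ['index', 'about', 'contact', 'news'];

/**
 * Map the requested page name to a file that is guaranteed to live inside
 * $pagesDir, falling back to index.php on any input we do not recognise.
 */
function resolve_page(?string $act, string $pagesDir): string
{
    $fallback = $pagesDir . '/index.php';

    // 1. Syntactic check: a page name is a short plain identifier. This
    //    alone rejects "../", "/", ".", NUL bytes and anything URL-like.
    if ($act === null || !preg_match('/\A[a-z0-9_-]{1,32}\z/', $act)) {
        return $fallback;
    }

    // 2. Semantic check: the name must be one we deliberately expose.
    //    file_exists() is not a security check; the allowlist is.
    if (!in_array($act, ALLOWED_PAGES, true)) {
        return $fallback;
    }

    // 3. Defence in depth: after resolving symlinks and "..", the file
    //    must still sit directly under the pages directory.
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . '/' . $act . '.php');
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return $fallback;
    }
    return $path;
}

$page = resolve_page($_GET['act'] ?? null, __DIR__ . '/pages');
// Keep the poster's $cc convention: 'home' when we served the index page.
$cc = (basename($page) === 'index.php') ? 'home' : 'nothing';
include $page;
```

Step 1 already blocks traversal on its own; steps 2 and 3 are there so that a later edit to the regex, or an unexpected file in `pages/`, does not silently reopen the hole.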