Affected file Request

Больше
9 года 11 мес. назад #4323 от alex
alex создал тему: Affected file Request
Affected files
1 Evaluating Regex place numeric entities because html_entity_decode doesn't // do it for us. $str = /plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
2 Evaluating Regex s. $str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str); $str = /plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php

Affected file
/plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
Explanation
The method preg_replace with evaluate option can execute php code. You should check if this code is part of the original file or was injected.
Snippet
place numeric entities because html_entity_decode doesn't
// do it for us.
$str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str);
$str = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $str);
return $

Affected file
/plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
Explanation
The method preg_replace with evaluate option can execute php code. You should check if this code is part of the original file or was injected.
Snippet
s.
$str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str);
$str = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $str);

return $str;
}

/**
* Strip single and double quotes off of a string, if

Пожалуйста Войти или Регистрация, чтобы присоединиться к беседе.

Работает на Kunena форум

Последнее с форума

    • Users view page
    • tools enable users to easily download documents from Scribd for offline access without a subscription. These tools facilitate the retrieval of various content types, including eBooks, research...
    • в Component / Slogin
    • Blog lock mechanism
    • The latest version of brings exciting new features and enhancements to the gameplay experience in Minecraft. This update includes improved character interactions, additional customization options,...
    • в Component / JL Mail
© 2010- JoomLine
The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. joomline.net is not affiliated with or endorsed by Open Source Matters or the Joomla! Project.

тел.: +7 950 676-22-39
email: Адрес электронной почты защищен от спам-ботов. Для просмотра адреса в вашем браузере должен быть включен Javascript.