This repository has been archived by the owner on Sep 25, 2021. It is now read-only.

Fix XSS bug
To test use the following on browse.php. I used Firefox to test without any anti script software.

browse.php?id=1&PAGE=3'%22()%26%25<ScRiPt%20>prompt(984815)</ScRiPt>
Bushstar committed Mar 26, 2014
1 parent a330cf6 commit 1e66c86
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions browse.php
@@ -182,7 +182,7 @@
}
else
{
$PAGE = $_REQUEST['PAGE'];
$PAGE = intval($_REQUEST['PAGE']);
$OFFSET = ($PAGE - 1) * $system->SETTINGS['perpage'];
}
$PAGES = ceil($TOTALAUCTIONS / $system->SETTINGS['perpage']);
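Review bot: intval($_REQUEST['PAGE']) in the else branch strips the markup from PAGE but still accepts 0 and negative values, and non-numeric input casts to 0, so $OFFSET = ($PAGE - 1) * $system->SETTINGS['perpage'] on the next line can go negative. Clamp after the cast, for example $PAGE = max(1, intval($_REQUEST['PAGE']));, and consider bounding it by $PAGES once that is computed. The cast handles this one parameter on the input side only; the place where $PAGE and any other request value is written into the template is not visible in this hunk and should still apply output encoding (htmlspecialchars with ENT_QUOTES).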
@@ -235,4 +235,4 @@
));
$template->display('body');
include 'footer.php';
?>
?>
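Review bot: the only change at the end of browse.php is to the closing ?> line, and both versions read the same here, so this looks like a whitespace or end-of-file newline change riding along with a security fix. Either leave it out of this commit so the XSS fix stays a one-line diff, or remove the closing ?> altogether, since the file ends in PHP code and omitting the tag avoids stray output after it.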
