Permalink
Browse files

Fix : CVE-2011-3760 : Nucleus における重要な情報を取得される脆弱性

  • Loading branch information...
1 parent 00ca321 commit 4e2aa468bac707962e66b93a14000ae481d34cc0 piyoyo committed Nov 5, 2015
@@ -0,0 +1,12 @@
+Order allow,deny
+Deny from all
+
+<Files ~ "^server.php$">
+##### Allow all access
+Allow from all
+### example:
+##### Allow softbank ybb
+# Allow from .bbtec.net
+##### Allow from local_ip_address
+# Allow from 127.0.0.1
+</Files>
@@ -12,6 +12,9 @@
* This file contains definitions for the methods in the Blogger API
*/
+// prevent direct access
+if (!isset($member))
+ exit;
// blogger.newPost
$f_blogger_newPost_sig = array(array(
@@ -443,4 +446,4 @@ function blogger_specialTags($item) {
);
-?>
+?>
@@ -13,6 +13,9 @@
* This file contains definitions for the methods of the metaWeblog API
*/
+// prevent direct access
+if (!isset($member))
+ exit;
// metaWeblog.newPost
$f_metaWeblog_newPost_sig = array(array(
@@ -15,6 +15,10 @@
* Wouter Demuynck 2003-08-31
*/
+// prevent direct access
+if (!isset($member))
+ exit;
+
// mt.supportedMethods
$f_mt_supportedMethods_sig = array(array(
// return type
@@ -14,6 +14,10 @@
* NOTE: These functions are deprecated and will most likely be removed!
*/
+// prevent direct access
+if (!isset($member))
+ exit;
+
// nucleus.addItem
$f_nucleus_addItem_sig = array(array(
// return type
@@ -290,7 +294,8 @@ function _getItem($itemid, $username, $password) {
}
-
+ if (!isset($functionDefs))
+ $functionDefs = array();
$functionDefs = array_merge($functionDefs,
array(
"nucleus.addItem" =>

0 comments on commit 4e2aa46

Please sign in to comment.