Обнаружена очередная уязвимость в движке, всем рекомендуется закрыть дыру.
открываем maincore.php
исчим(15-21 строка)
<!--c1--><div class='codetop'>Код</div><div class='codemain'><!--ec1-->if (ini_get('register_globals') != 1) {
$supers = array("_REQUEST","_ENV","_SERVER","_POST","_GET","_COOKIE","_SESSION","_FILES","_GLOBALS");
foreach ($supers as $__s) {
if ((isset($$__s) == true) && (is_array($$__s) == true)) extract($$__s, EXTR_OVERWRITE);
}
unset($supers);
}<!--c2--></div><!--ec2-->
меняем на
<!--c1--><div class='codetop'>Код</div><div class='codemain'><!--ec1-->if (ini_get('register_globals') != 1) {
if ((isset($_POST) == true) && (is_array($_POST) == true)) extract($_POST, EXTR_OVERWRITE);
if ((isset($_GET) == true) && (is_array($_GET) == true)) extract($_GET, EXTR_OVERWRITE);
}<!--c2--></div><!--ec2-->
инфа с
php-fusion.int.ru
php-fusion.co.uk
открываем maincore.php
исчим(15-21 строка)
<!--c1--><div class='codetop'>Код</div><div class='codemain'><!--ec1-->if (ini_get('register_globals') != 1) {
$supers = array("_REQUEST","_ENV","_SERVER","_POST","_GET","_COOKIE","_SESSION","_FILES","_GLOBALS");
foreach ($supers as $__s) {
if ((isset($$__s) == true) && (is_array($$__s) == true)) extract($$__s, EXTR_OVERWRITE);
}
unset($supers);
}<!--c2--></div><!--ec2-->
меняем на
<!--c1--><div class='codetop'>Код</div><div class='codemain'><!--ec1-->if (ini_get('register_globals') != 1) {
if ((isset($_POST) == true) && (is_array($_POST) == true)) extract($_POST, EXTR_OVERWRITE);
if ((isset($_GET) == true) && (is_array($_GET) == true)) extract($_GET, EXTR_OVERWRITE);
}<!--c2--></div><!--ec2-->
инфа с
php-fusion.int.ru
php-fusion.co.uk
