In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

Dependency Graph View Issue ] Relation Graph ] Vertical ]
related to child of duplicate of

Viewing Issue Simple Details
ID Category Type Reproducibility Date Submitted Last Update
0000159 [In-Portal CMS] Security bug report always 2009-07-31 02:45 2009-10-03 07:56
Reporter alex View Status public  
Assigned To Dmitry
Priority critical Resolution fixed  
Status closed      
Summary 0000159: Prevent of Execution of System Files of files other, then "index.php" and "admin/index.php"
Description Currently there is possible to execute individual In-Portal files. Usually people doesn't do that, but just in case I propose to add mentioned later code to all files with ".php" extension, that doesn't contain class declarations or are unit configs.

Code: defined('FULL_PATH') or die('restricted access!');
Additional Information



Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker