Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-153: AmpJuke 'index.php' Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-153: AmpJuke 'index.php' Vulnerability
# 1  
Old 01-31-2008
S-153: AmpJuke 'index.php' Vulnerability
AmpJuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. The risk is LOW. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Running php index.php as shell in webpage

so i have a bit of a unique situation. i have an encrypted index.php file that that can't be run the normal way that a web browser would run it. if it is run the normal way, the php script will show only gibberish on the web browser, instead of the actual php code. when run from the command... (8 Replies)
Discussion started by: SkySmart
8 Replies

2. Web Development

I can't open my index.php page after insert php code

Hello guys, Does anyone can help me? I've just made my simple index.php without any code, but after insert session code to check if any user is authenticated, my index.php doesn't work anymore. Any fresh eyes could help me to see what and where the code is wrong? <? if... (6 Replies)
Discussion started by: metalfreakbr
6 Replies

3. Shell Programming and Scripting

Sort from start index and end index in line

Hi All, I have a file (FileNames.txt) which contains the following data in it. $ cat FileNames.txt MYFILE17XXX208Sep191307.csv MYFILE19XXX208Sep192124.csv MYFILE20XXX208Sep192418.csv MYFILE22XXX208Sep193234.csv MYFILE21XXX208Sep193018.csv MYFILE24XXX208Sep194053.csv... (5 Replies)
Discussion started by: krish_indus
5 Replies

4. UNIX for Dummies Questions & Answers

wh inode index starts from 1 unlike array index (0)

brothers why inode index starts from 1 unlike array inex which starts from 0 its a question from the design of unix operating system of maurice j.bach i need to know the answer urgently...someone help please (1 Reply)
Discussion started by: sairamdevotee
1 Replies

5. Filesystems, Disks and Memory

why the inode index of file system starts from 1 unlike array index(0)

why do inode indices starts from 1 unlike array indexes which starts from 0 its a question from "the design of unix operating system" of maurice j bach id be glad if i get to know the answer quickly :) (0 Replies)
Discussion started by: sairamdevotee
0 Replies

6. Shell Programming and Scripting

PHP: problem with index.php

iam geting a error with this index script. heres the error Parse error: parse error in c:\phpdev\www\dev\compulearn\in work\index.php on line 39 Whats wrong?? ------------------------ <?php //display header and left bars include ('header.php'); include ('left.php'); //connect... (13 Replies)
Discussion started by: perleo
13 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

php_check_syntax

PHP_CHECK_SYNTAX(3)							 1						       PHP_CHECK_SYNTAX(3)

php_check_syntax - Check the PHP syntax of (and execute) the specified file

SYNOPSIS

       bool php_check_syntax (string  $filename, [string  &$error_message])

DESCRIPTION

	Performs a syntax (lint) check on the specified $filename testing for scripting errors.

	This is similar to using php -l from the commandline except that this function will execute (but not output) the checked $filename.

	For example, if a function is defined in $filename, this defined function will be available to the file that executed php_check_syntax(3),
       but output from $filename will be suppressed.

       Note

	       For technical reasons, this function is deprecated and removed from PHP. Instead, use php -l somefile.php from the commandline.

PARAMETERS

	      o $filename
		- The name of the file being checked.

	      o $error_message
		- If the $error_message parameter is used, it will contain the error message generated by  the	syntax	check.	$error_message	is
		passed by reference.

RETURN VALUES

	Returns TRUE if the lint check passed, and FALSE if the link check failed or if $filename cannot be opened.

CHANGELOG

       +--------+---------------------------------------------------+
       |Version |						    |
       |	|						    |
       |	|		     Description		    |
       |	|						    |
       +--------+---------------------------------------------------+
       | 5.0.5	|						    |
       |	|						    |
       |	|	 This function was removed from PHP.	    |
       |	|						    |
       | 5.0.3	|						    |
       |	|						    |
       |	|  Calling    exit(3)	after	php_check_syntax(3) |
       |	| resulted in a Segfault.			    |
       |	|						    |
       | 5.0.1	|						    |
       |	|						    |
       |	|      $error_message is passed by reference.	    |
       |	|						    |
       +--------+---------------------------------------------------+
EXAMPLES

       php -l somefile.php

       The above example will output something similar to:

       PHP Parse error: unexpected T_STRING in /tmp/somefile.php on line 81

SEE ALSO

       include(3), is_readable(3).

PHP Documentation Group 												       PHP_CHECK_SYNTAX(3)