x
x  99.9% Uptime!
x  8h Support Respond!
x  12h Problem Resolution!
x  30 Days Money Back!
          Read More
My Cart
x Home Website Hosting Packages and Information Dedicated servers Register Your Domain Name Create New Account Login to Your Account Support x
x
Account Menu
>  Home  
>  My Cart  
>  Create Account  
>  LogIn  

Hosting Services
>  Shared Hosting  
>  GPT Hosting  
>  Hosting Resellers  
>  Features Info  
>  SiteBuilder Info  

Dedicated Servers
>  Starter Servers  
>  Business Servers  
>  Enterprise Servers  
>  Management Info  

Domain Services
>  Register Domain  
>  Transfer Domain  
>  Whois Lookup  
>  Domain Prices  

IP.Board Services
>  IPB Maintenance  
>  Installatios  
>  Upgrade Services  

CashCrusader
>  Starter Kits  
>  Plugins  
  >  PolarScripts  
  >  Cash Plugins  
>  Services  
>  Security Notes  

Support
>  FAQ  
>  cPanel Tutorials  
>  Contact Us  

Resources
>  About Us  
>  Datacenter Info  
>  Guarantees Info  
>  TOS, AUP, SLA  
>  Privacy Policy  
>  Our Blog  
>  GPT Resources  
x
CashCrusader adstats2.php critical vulnerability


Vulnerability information

Discovered by: Jutaky, PolarWeb Ltd
Release Date: October 16th 2007
Software: CashCrusader / adstats2.php addon page
Critical: Highly critical
Impact: Complete read access to CashCrusader database
How: From remote / browser
Solution: 3rd party patch


Patch

Edit the beginning of the adstats2.php file and replace

<? include("setup.php");?>

with

<?
$_GET['advertiser'] = ereg_replace("[^a-zA-Z0-9]", "", $_GET[advertiser]);
include("setup.php");?>

We can install this patch for you. To order the installation service click HERE
HOME  |  CREATE ACCOUNT  |  SUPPORT  |  LOGIN  |  CONTACT US

Copyright © 2006 PolarWebServices. All rights reserved.  v2.7.3



loading