Discuz! forum physical path disclosure: how it works

2007-01-24T00:00:00
ID MYHACK58:62200713950
Type myhack58
Reporter Anonymous
Modified 2007-01-24T00:00:00

Description

Affected versions

Discuz! 5.2, Discuz! 5.1, Discuz! 4.1, Discuz! 4.0 .............

1. common.inc.php, problem code at line 207

.....
// $extra is passed to preg_match() with no check that it is a string
$navtitle = $navigation = '';
$extra = isset($extra) && preg_match("/^+$/i", $extra) ? $extra : '';
$tpp = intval(empty($_DSESSION) ? $topicperpage : $_DSESSION);
$ppp = intval(empty($_DSESSION) ? $postperpage : $_DSESSION);
.......

Submitted to:

http://www.discuz.net/post.php?action=newthread&fid=32&extra=page%3D1

Return

Warning: preg_match() expects parameter 2 to be string, array given in /home/www/wwwroot/www.discuz.net/include/common.inc.php on line 209

2. The same extra array problem again

Submitted to:

http://bbs.cnbct.org/viewthread.php?tid=316&pid=1453&page=1&extra=page%3D1#pid1453

Return

Warning: preg_match() expects parameter 2 to be string, array given in /home/.cattia/bct/bbs.cnbct.org/include/common.inc.php on line 206

Warning: Cannot modify header information - headers already sent by (output started at /home/.cattia/bct/bbs.cnbct.org/include/common.inc.php:206) in /home/.cattia/bct/bbs.cnbct.org/include/global.func.php on line 139

3. global.func.php, problem code at line 306

function ispage($number) {
    return !empty($number) && preg_match("/^(+)$/", $number);
}

Submitted to:

http://www.discuz.net/viewthread.php?tid=316&pid=1453&page=1&extra=page%3D1#pid1453

Return

Warning: preg_match() expects parameter 2 to be string, array given in /home/www/wwwroot/www.discuz.net/include/global.func.php on line 306

Summary

When a variable is submitted as an array, and the code only checks that the variable exists without checking whether it is an array, the preg_match() regular-expression match that follows cannot run on it. PHP then emits a warning, and the warning contains the absolute path.
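A defensive sketch of the check the affected code lacks, added here as an example and not taken from Discuz! or from the original post. The function names match_or_default and ispage_checked, the allow-list pattern for extra, and the sample request values are assumptions.

```php
<?php
// Added example, not Discuz! code. Function names and the allow-list
// pattern for "extra" are assumptions made for illustration.

// Keep warnings out of HTTP responses; record them in the server log instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Return $value if it is a string matching $pattern, otherwise $default.
// A parameter sent as name[]=x reaches PHP as an array, so the type is
// checked before preg_match() ever sees it.
function match_or_default($value, $pattern, $default = '')
{
    if (!is_string($value)) {
        return $default;
    }
    return preg_match($pattern, $value) === 1 ? $value : $default;
}

// Type-safe counterpart of ispage(): true only for a positive integer
// or a string of digits with a positive value.
function ispage_checked($number)
{
    if (is_int($number)) {
        return $number > 0;
    }
    return is_string($number)
        && preg_match('/^[0-9]+$/', $number) === 1
        && (int)$number > 0;
}

// Constructed request values: one well-formed, one submitted as arrays.
$samples = array(
    array('extra' => 'page=1', 'page' => '1'),
    array('extra' => array('page=1'), 'page' => array('1')),
);

foreach ($samples as $request) {
    $extra = match_or_default($request['extra'], '/^[a-z0-9=&;]+$/i');
    $page  = ispage_checked($request['page']) ? (int)$request['page'] : 1;
    printf("extra=%s page=%d\n", var_export($extra, true), $page);
}
```

With the type check in place the array input falls back to the defaults and no warning is raised, so nothing path-bearing reaches the response even if display_errors is left on by mistake.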