EasyTalk microblogging system X1. X file contains the vulnerability and the Fix-vulnerability warning-the black bar safety net

EasyTalk microblogging system X1. X file contains the vulnerability PluginsAction.class.php parameters in the file $GET'out' without any filter, directly take to call the include file, the resulting vulnerabilities generated. PluginsAction.class.php to:...

EasyTalk microblogging arbitrarily modify account vulnerability-vulnerability warning-the black bar safety net

Author: mind Vulnerability found in the latest version 5.01 the old version not the source code I do not know whether there Then again..look at the code...... See the file catalog file op.php ? php include'common.inc.php'; //load global variable $op = $GET'op'?$ GET'op':'login'; // because the...