[ka-Map-dev] [Bug 1630] getcjs.php critical information disclosure
vulnerability
bugzilla-daemon at bugzilla.maptools.org
bugzilla-daemon at bugzilla.maptools.org
Thu Jan 11 09:32:59 EST 2007
http://bugzilla.maptools.org/show_bug.cgi?id=1630
------- Additional Comments From gperry at flenvironmental.org 2007-01-11 09:32 -------
Simply constraining the script to the current directory will still allow
disclosure of any php documents in that directory. If the program is only used
for Javascript optimization, then a better solution would be to restrict access
only to files with a .js extension.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Please do NOT reply to this email, use the link above instead to
login to bugzilla and submit your comment. Any email reply to this
address will be lost.
More information about the ka-Map-dev
mailing list