Hi, we have an FAQ that is secured; however, a user has discovered a way round this.
If you register for an account, then request an email of your password, the system sends you a password and then allows you to log in. You get an error on login, but if you then click on registration again, the system gives you the registration page in the FAQ body with all the links. It then lets you browse the FAQ without any account activation.
Security hole
Re: Security hole
I have temporarily fixed this by adding session_destroy(); into index.php:
$error = $PMF_LANG['ad_auth_fail'] . ' (' . $faqusername . ')';
session_destroy();
$loginVisibility = '';
$user = null;
$action = 'main';
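The same failure-path cleanup as a stand-alone sketch, added here as an illustration and not taken from phpMyFAQ or from the post above. It goes slightly beyond the one-line fix by also emptying `$_SESSION` and expiring the cookie, and by having the page guard test an explicit login marker; the session keys `auth_user` and `pending_user` and all function names are hypothetical.

```php
<?php
// Added illustration; not phpMyFAQ code. Session keys and function names
// are hypothetical.

// Remove every trace of the session after a failed login attempt.
function reset_session_after_failed_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // session_destroy() deletes the stored data but leaves $_SESSION filled
    // for the rest of this request, so empty it explicitly.
    $_SESSION = [];

    // Expire the session cookie so the browser stops presenting the old id.
    if (ini_get('session.use_cookies') && !headers_sent()) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// Call only after the credentials AND the account activation check pass.
function complete_login(string $username): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);        // new id, old session data deleted
    $_SESSION['auth_user'] = $username; // the only marker the guard trusts
}

// Page guard: the mere existence of a session is never proof of a login.
function is_authenticated(): bool
{
    return session_status() === PHP_SESSION_ACTIVE
        && isset($_SESSION['auth_user'])
        && $_SESSION['auth_user'] !== '';
}

// Constructed walk-through of the reported sequence.
session_start();
$_SESSION['pending_user'] = 'newuser';  // state left behind by registration
reset_session_after_failed_login();     // the login attempt fails
var_dump(is_authenticated(), $_SESSION);
```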
Re: Security hole
Hi,
thanks for the hint, I'll add this fix.
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer