Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possible security problem #44

Open
bozhinov opened this issue Feb 25, 2021 · 1 comment
Open

Possible security problem #44

bozhinov opened this issue Feb 25, 2021 · 1 comment

Comments

@bozhinov
Copy link
Contributor

bozhinov commented Feb 25, 2021
edited

control-pane/public/index.php

Line 73 in 228e14b

<?php if(isset($user_info_txt)) echo $user_info_txt; ?>

<script type="text/javascript"> _first_start=true; err_messages={add:function(arr){for(n in arr){err_messages[n]=arr[n];}}}; user_id='1';user_login='admin'; </script>

I can't find any reference to user_login anywhere else in the code
Question is if user_id is being passed to some other script like public\js\clonos.js
to be used for user deletion or other sensitive stuff ?

I mean I can craft the page to make myself admin. admin is user_id = 1
@olevole
Copy link
Member

olevole commented Feb 25, 2021

You're right. apparently this is an artifact from the old code. I suppose it can be removed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@olevole @bozhinov