|| ||"MOD" <email@example.com>|
|| ||Input validation attack in php-affiliate-v1.0|
|| ||Thu, 15 Aug 2002 22:08:37 +0100|
PHP Affiliate allows you to promote your site with an affiliate program.
When affiliates sign up to your site they display links and banners to your
site, and in return you offer them a financial reward for every sale they
bring. Requires PHP4 and MySQL.
A vulnerability is present in details.php, a form for changing details about
an affiliates account. The user id is submitted to details2.php via a hidden
field, so any user can change the field to another user and be able to edit
A fix may be to check the user is logged in with a valid session in
and then to update the database with this:
WHERE refid = '$HTTP_SESSION_VARS[valid_user]'
This hasn't been tested.
to post comments)