
Input validation attack in php-affiliate

From:  "MOD" <br014c1155@blueyonder.co.uk>
To:  <bugtraq@securityfocus.com>
Subject:  Input validation attack in php-affiliate-v1.0
Date:  Thu, 15 Aug 2002 22:08:37 +0100

www.organicphp.com
php-affiliate-v1.0.zip

PHP Affiliate allows you to promote your site with an affiliate program.
When affiliates sign up to your site they display links and banners to your
site, and in return you offer them a financial reward for every sale they
bring. Requires PHP4 and MySQL.

A vulnerability is present in details.php, a form for changing details about
an affiliate's account. The user id is submitted to details2.php via a hidden
field, so any user can change the field to another user's id and be able to
edit their information.

A fix may be to check the user is logged in with a valid session in
details2.php:

  if (session_is_registered("valid_user"))

and then to update the database with this:

  WHERE refid = '$HTTP_SESSION_VARS[valid_user]'

This hasn't been tested.
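
The fix the post sketches, written out as an added example that is not part of the original post or of php-affiliate. It shows the hidden-field version of details2.php next to a version that takes the affiliate id from the server-side session, as the post suggests. It uses $_SESSION and PDO prepared statements instead of session_is_registered() and $HTTP_SESSION_VARS, both of which were removed in PHP 5.4; the table name affiliates, the columns email and paypal, the hidden field name refid and the database connection parameters are assumptions, since the advisory does not show the real schema or form.

```php
<?php
// Added example, not php-affiliate's own code. Schema (table `affiliates`,
// columns `email`, `paypal`), the hidden field name `refid` and the DSN are
// assumptions; only the column `refid` and the session key `valid_user` come
// from the advisory.

session_start();

function db(): PDO
{
    // Placeholder connection parameters; point these at a test database.
    $pdo = new PDO('mysql:host=localhost;dbname=affiliate', 'user', 'pass');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $pdo;
}

// VULNERABLE (the behaviour the advisory describes): the row to update is
// chosen by a hidden form field, so any logged-in affiliate can substitute
// another affiliate's refid and overwrite that account's details.
function updateDetailsVulnerable(PDO $pdo, array $post): int
{
    $stmt = $pdo->prepare(
        'UPDATE affiliates SET email = ?, paypal = ? WHERE refid = ?'
    );
    $stmt->execute([$post['email'], $post['paypal'], $post['refid']]);
    return $stmt->rowCount();
}

// HARDENED: require a login, then pick the row from the identity that the
// login code stored in the session. Nothing the client submits can change
// which row is written. Prepared statements also keep the session value out
// of the SQL string, which the post's quoted WHERE clause did not.
function updateDetailsHardened(PDO $pdo, array $post): int
{
    if (empty($_SESSION['valid_user'])) {
        http_response_code(403);
        exit('Not logged in');
    }
    $me = $_SESSION['valid_user'];

    // Defence in depth: if the form still carries the old hidden field and it
    // disagrees with the session, treat it as tampering and refuse. The
    // session value is used either way; this only adds a signal to the log.
    if (isset($post['refid']) && (string) $post['refid'] !== (string) $me) {
        error_log(sprintf(
            'details2.php: refid tampering, session=%s submitted=%s ip=%s',
            $me, $post['refid'], $_SERVER['REMOTE_ADDR'] ?? '-'
        ));
        http_response_code(403);
        exit('Request rejected');
    }

    $stmt = $pdo->prepare(
        'UPDATE affiliates SET email = ?, paypal = ? WHERE refid = ?'
    );
    $stmt->execute([$post['email'], $post['paypal'], $me]);
    return $stmt->rowCount();
}

// Only the hardened path is wired up; the vulnerable function is kept for
// comparison and should not be reachable from a form.
$changed = updateDetailsHardened(db(), $_POST);
echo $changed === 1 ? 'Details updated' : 'No account updated';
```

The only data that decides which account is written is $_SESSION['valid_user'], which the browser cannot set; the hidden refid field becomes redundant and can be removed from details.php altogether once the comparison above has been used to confirm no legitimate client relies on it.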




Copyright © 2002, Eklektix, Inc.