nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Self-XSS on column type (table Search), see PMASA-2011-18

Browse Source
This commit is contained in:
Marc Delisle
2011-11-22 12:46:46 -05:00
parent bc45a1048d
commit dac8d6ce25
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -22,6 +22,7 @@ phpMyAdmin - ChangeLog
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
3.4.7.1 (2011-11-10)
- [security] Fixed possible local file inclusion in XML import

4
tbl_select.php
View File

@@ -124,7 +124,7 @@ if (!isset($param) || $param[0] == '') {
?>
<tr class="noclick <?php echo $odd_row ? 'odd' : 'even'; $odd_row = ! $odd_row; ?>">
<th><?php echo htmlspecialchars($fields_list[$i]); ?></th>
<td><?php echo $fields_type[$i]; ?></td>
<td><?php echo htmlspecialchars($fields_type[$i]); ?></td>
<td><?php echo $fields_collation[$i]; ?></td>
<td><select name="func[]">
<?php
@@ -190,7 +190,7 @@ if (!isset($param) || $param[0] == '') {
<?php
} elseif (strncasecmp($fields_type[$i], 'enum', 4) == 0) {
// e n u m s
$enum_value=explode(', ', str_replace("'", '', substr($fields_type[$i], 5, -1)));
$enum_value=explode(', ', str_replace("'", '', substr(htmlspecialchars($fields_type[$i]), 5, -1)));
$cnt_enum_value = count($enum_value);
echo ' <select name="fields[' . $i . '][]"'
.' multiple="multiple" size="' . min(3, $cnt_enum_value) . '">' . "\n";