Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: Possible _GET and _POST var inversion in editpics.php  (Read 3080 times)

0 Members and 1 Guest are viewing this topic.


  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 52
Possible _GET and _POST var inversion in editpics.php
« on: April 06, 2006, 04:13:04 am »

Lines 32 and 33 of editpics.php in CPG 1.4.4 contain the lines

Code: [Select]
} elseif (isset($_GET['album'])) {
        $album_id = (int)$_POST['album'];

Wondering whether they should read ...

Code: [Select]
} elseif (isset($_POST['album'])) {
        $album_id = (int)$_POST['album'];
Pages: [1]   Go Up

Page created in 0.015 seconds with 21 queries.