[VIM] verify of LabWiki issue (source inspection)

Steven M. Christey coley at mitre.org
Mon Jun 12 15:43:05 EDT 2006


  Bugtraq - LabWiki v1.0

I obtained version 1.5.

In search.php we have:

  <input type="text" name="query" id="query" value="<?php echo $QW['requestQuery']; ?>" />&nbsp;

The "$QW['requestQuery']" is set in _global.php:

  $QW['requestQuery']    = trim(QWSafeGet( $QW_REQUEST, 'query' ));

The "QWSafeGet" function basically accesses an array value in a way
that prevents an undefined index warning.

Earlier in _global.php, $QW_REQUEST is set to either $_GET or $_POST.

So, we have a literal reflection of the "query" parameter as sent to
search.php when it re-constructs the query page.

- Steve
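
The data flow traced above, next to an output-encoded form of the same line, as an added example that is not part of the original post and is not LabWiki code. The body of QWSafeGet() is an assumption based on the post's description; attr(), attrNames() and the request value are constructed for illustration.

```php
<?php
// Assumed stand-in for LabWiki's QWSafeGet(): reads an array value
// without raising an undefined-index warning. No filtering happens here.
function QWSafeGet(array $arr, string $key): string
{
    return isset($arr[$key]) ? (string) $arr[$key] : '';
}

// Hypothetical helper: encode a value for a double-quoted HTML attribute.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: attribute names a parser sees on the first <input>.
function attrNames(string $html): array
{
    libxml_use_internal_errors(true);   // tolerate fragment markup
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    $names = [];
    foreach ($doc->getElementsByTagName('input')->item(0)->attributes as $a) {
        $names[] = $a->name;
    }
    return $names;
}

// Constructed request standing in for $_GET or $_POST. The value holds a
// double quote, the character that terminates value="...".
$QW_REQUEST = ['query' => '  wiki" data-injected="1  '];

$QW = [];
$QW['requestQuery'] = trim(QWSafeGet($QW_REQUEST, 'query'));

// As in search.php: the value is echoed unchanged into the attribute.
$reflected = '<input type="text" name="query" id="query" value="'
           . $QW['requestQuery'] . '" />';

// Same line with the value encoded at the point of output.
$encoded = '<input type="text" name="query" id="query" value="'
         . attr($QW['requestQuery']) . '" />';

// Compare what the parser treats as attributes in each case: any name
// beyond type/name/id/value came from the request, not the template.
echo 'reflected: ' . implode(', ', attrNames($reflected)) . "\n";
echo 'encoded:   ' . implode(', ', attrNames($encoded)) . "\n";
```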
