Thread: YSE v2.0 PRE6
View Single Post
  #18  
Old 10th August 2009, 10:21
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
  
Join Date: May 2008
Latvia
Posts: 388
Exclamation
Also don't forget this fix in testport.php in next YSE version - There is a XSS

PHP Code:
$port $_POST["port"];
   else
      $port $_GET['port']; 
replace with this..

PHP Code:
$port = (int)$_POST["port"];
   else
      $port = (int)$_GET['port'];