Page 1 of 1

Problem with form post hijack?

Posted: Tue 27. Sep 2005, 15:42
by Marchel
Hi all,

I have a question regarding contact forms.

Currently there is a form post hijack.

Info can be found at http://www.anders.com/projects/sysadmin ... Hijacking/

I was wondering if phpwcms is vulnerable to this and if so, what we can do to fix it. Anyone has a clue?

I am currently coming up with a solution for other forms we host using php, by stripping out the \r and \n of the form headers.

Cheers,
Marchel.

Posted: Wed 28. Sep 2005, 15:53
by usta

Posted: Wed 28. Sep 2005, 17:15
by Marchel
Usta,

I don't know what you mean...

Posted: Thu 29. Sep 2005, 18:33
by usta
methought, a ssl-secure login might help...

Posted: Sun 30. Oct 2005, 11:49
by Oliver Georgi
this has nothing to do with bug ;-)