1. 14 Aug, 2007 2 commits
    • Russ Fish's avatar
      When I fixed the regexp in PAGEARG_STRING that checks for quotes, it plugged · ab1761e5
      Russ Fish authored
      one SQL injection hole, and shifted detection of probes  earlier in a lot
      of other pages.  But some inputs that were marked PAGEARG_STRING should
      actually be PAGEARG_ANYTHING, since they're text fields where quotes make
      sense, and are escaped properly in the logic that handles them.
      
        approveproject.php3 - message
        editnodetype.php3 - newattribute_value
        newnodelog.php3 - log_entry
        newosid.php3 - description
        nodecontrol.php3 - startupcmd (node_control strips single-quotes from values.)
      ab1761e5
    • David Johnson's avatar
      Catch another strange xmlrpc error. · 34f19ee9
      David Johnson authored
      34f19ee9
  2. 13 Aug, 2007 3 commits
  3. 10 Aug, 2007 5 commits
  4. 09 Aug, 2007 8 commits
  5. 08 Aug, 2007 1 commit
  6. 07 Aug, 2007 1 commit
  7. 06 Aug, 2007 7 commits
  8. 03 Aug, 2007 12 commits
  9. 02 Aug, 2007 1 commit