Co tu pisze :(


(Strong Cs) #1

Witam kto mi przetlumaczy ten txt ? :frowning:

Problem:


Invision Board v2.1.4 has a problem with sessions. Once it is  

installed on a server where php is allowed to

use transparant sessions a session can be hijacked by other users.




Testing:


Once you visit a site where Invision Board is used the first click on  

the Log In link points the visitor to a link with the session id in it:


index.php?s=&act=Login&CODE=00


If you copy this session id, login and start a different browser (not  

a new instance) then you only need to copy the session id url into  

the different browser to login without giving the password and login  

name.


Any links within the forum where the session_id is linked to the url  

will enable other people (perhaps only

within the same network where the ipnumber is natted) to login when  

users are online and logged in.


Reported:


Contacted the authors on march 1st, no response.

Contacted the author via the email address listed on this list, no  

respons.


Regards,


Hans

(pysiu) #2

tłumaczenie z translatora :wink: :wink:


(Azpr) #3

jak juz to co tu jest napisane...


(aju) #4

kkk kooo kopytko :mrgreen: :mrgreen: :mrgreen:


(Radekszyk) #5

--- oznacza moj─ů dopowied┼║

Mam nadzieję, że Tobie pomogłem :slight_smile:

To moje w┼éasne t┼éumaczenie; bez ┼╗ADNYCH s┼éownik├│w, wi─Öc w razie jakih┼Ť b┼é─Öd├│w - I'm sorry and I hope you will understand that people sometimes make mistakes :stuck_out_tongue: