Re: [listfiles] anomaly
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 50123
interpreted = N
texte = In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea
wrote:> Couldn't figure out whether to label this an exploit, bug, oversight> or what... so I settled on anomaly.> > Put this in a template:> > [listfiles]> [filename]> [/listfiles]> > And you will get a list of the files in your WebSTAR root folder. It> doesn't matter where on your server you put the template, you will> always get a list of files in the W* root.> > Clearly, there is some coder error here as I left out the required> path= parameter. But since the docs clearly say that path= is a> required parameter, shouldn't WebCat protect me from myself when I> don't include a required parameter?> > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user> leaves out the required parameter? Do they get access to stuff they> shouldn't?> > ~joe> -----------------------------Daniel Schutzsmith Senior Web DeveloperBerlin Productions, Inc.dan@berlinprod.comhttp://www.berlinprod.com(914) 683-5759(914) 683-5751 fax------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight> or what... so I settled on anomaly.> > Put this in a template:> > [listfiles]> [filename]> [/listfiles]> > And you will get a list of the files in your WebSTAR root folder. It> doesn't matter where on your server you put the template, you will> always get a list of files in the W* root.> > Clearly, there is some coder error here as I left out the required> path= parameter. But since the docs clearly say that path= is a> required parameter, shouldn't WebCat protect me from myself when I> don't include a required parameter?> > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user> leaves out the required parameter? Do they get access to stuff they> shouldn't?> > ~joe> -----------------------------Daniel Schutzsmith Senior Web DeveloperBerlin Productions, Inc.dan@berlinprod.comhttp://www.berlinprod.com(914) 683-5759(914) 683-5751 fax------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Daniel Schutzsmith
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
You *can!!* overwrite username/password using an HTML form. Also, experts *please* see Q at end (2000)
WebDNA for Dummies (2004)
Single Link browsing (1997)
RE: [WebDNA] Ubuntu and WebDNA (2019)
Alternating BGColors in Table Rows (1998)
WebCat2 - Getting to the browser's username/password data (1997)
Summary layout (1997)
Spawn doesn't work as advertised ... (2000)
OT: Log Files (2003)
Redirect frame targets (1998)
Server Freeze (1998)
Multiple Items (1998)
Acrobat Form Submission (1999)
File not found error message (1998)
Using Plug-In while running 1.6.1 (1997)
WebCat2b15MacPlugIn - [authenticate] not [protect] (1997)
Q: writefile and uploads. (1998)
quantity minimum problem (1997)
WebCat2b13MacPlugIn - [include] (1997)
[FileInfo] strangeness (1998)