ZoneMinder Forums

Posted: **Sat Apr 10, 2010 6:57 am**

index.php?skin=<script>alert('ciao');</script>

Posted: **Sat Apr 10, 2010 5:43 pm**

Looks like you miss something???

Posted: **Thu Apr 15, 2010 8:45 am**

I'm not missing anything

in index.php line 63, for additional security,

change

Code: Select all

if ( isset($_GET['skin']) )
    $skin = $_GET['skin'];
elseif ( isset($_COOKIE['zmSkin']) )
    $skin = $_COOKIE['zmSkin'];
else
    $skin = "classic";

to

Code: Select all

if ( isset($_GET['skin']) && preg_match('#^[a-z]+$#', $_GET['skin']))
    $skin = $_GET['skin'];
elseif ( isset($_COOKIE['zmSkin']) && preg_match('#^[a-z]+$#', $_COOKIE['zmSkin']) )
    $skin = $_COOKIE['zmSkin'];
else
    $skin = "classic";

Posted: **Thu Apr 15, 2010 7:04 pm**

Told ya you miss something... you miss that I didn't understood a thing... now seems clearer!!!

ZoneMinder Forums

skin xss

skin xss