Drupal 7.x ·й¶©

©汾:

Drupal 7.x
©:

BUGTRAQ  ID: 53454

DrupalһԴݹƽ̨

Drupal 7.14֮ǰ汾ʵϴ·й¶©ͨϢй¶װ·index.phpq[]includes/bootstrap.incڵrequest_pathԶ̹߻ȡϢ
<* ο
http://www.securityfocus.com/archive/1/522662
 *>
Է:

@Sebug.net   dis
վṩ()ܴй,ȫоѧ֮,Ը!1.http://localhost/?q[]=x2. 3.-------------------------------------4. 5.Hotfix:6. 7.Search for:8. 9.$path = trim($path, '/');10. 11.And add the following line above:12. 13.if(is_array($path)) { die(); }14. 15.-------------------------------------