Closed Bug 956307 Opened 11 years ago Closed 11 years ago

AllowURLFopen enabled @ accessfirefox.org

Tracking

(Not tracked)

Status:

RESOLVED INVALID

People

(Reporter: whitehat, Unassigned)

Details

Haris

Reporter

Description

•

11 years ago

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 (Beta/Release) Build ID: 20131205075310 Steps to reproduce: http://accessfirefox.org/info.php Actual results: Default php info web page. allow_url_fopen is enabled by default. Witch can resolve of RFI or LFI attack. Expected results: Default php info web page. allow_url_fopen is enabled by default. Witch can resolve of RFI or LFI attack.

Haris

Reporter

Updated

•

11 years ago

Flags: sec-bounty?

Kohei

Comment 1

•

11 years ago

The footer of the site says > This site is not officially affiliated with the Mozilla Foundation or Corporation. So please contact the project team directly.

Status: UNCONFIRMED → RESOLVED

Closed: 11 years ago

Flags: sec-bounty?

Resolution: --- → INVALID

You need to log in before you can comment on or make changes to this bug.

Bugzilla

AllowURLFopen enabled @ accessfirefox.org

Categories

(Websites :: Other, defect)

Tracking

(Not tracked)

People

(Reporter: whitehat, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1