Originally reported by Joseph Richardson @EHLOVader on 2011-11-30 disclosure policy (RFv2.0)
A session injection/hijacking vulnerability through cookie manipulation
Lemonstand specific
Joseph Richardson EHLOVader
EHLOVader
/ sitemap_module.php
Created
February 14, 2012 22:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public function generate_sitemap() { | |
| $params = Sitemap_Params::create(); | |
| //header("Content-Type: application/xml"); | |
| $xml = new DOMDocument(); | |
| $xml->encoding = 'UTF-8'; | |
| $urlset = $xml->createElement('urlset'); | |
| $urlset->setAttribute('xmlns', 'http://www.sitemaps.org/schemas/sitemap/0.9'); | |
| $urlset->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance'); |
EHLOVader
/ gist:1880058
Created
February 22, 2012 00:07
— forked from dardub/gist:1879681
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function style_forms() { | |
| var ua = $.browser; | |
| if (!(ua.msie && ua.version.slice(0,1) == "7")) | |
| { | |
| $('select, input:checkbox, input:radio').livequery(function(){ | |
| $(this).uniform(); | |
| }); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $Phpr_InitOnly = true; | |
| include 'index.php'; | |
| Core_UpdateManager::create()->cli_update(); | |
| ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <? | |
| /** | |
| * EC2's load balancer sets these for us so we know we're secure, | |
| * preventing Magento from performing a redirect loop. | |
| **/ | |
| if( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) | |
| { | |
| $_SERVER['HTTPS'] = 'on'; | |
| $_SERVER['SERVER_PORT'] = 443; | |
| } |
EHLOVader
/ gist:2322527
Created
April 6, 2012 19:56
— forked from NickToye/gist:2322497
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div id="write_review" class="clearfix"> | |
| <? if (isset($review_posted)): ?> | |
| <p class="flash success">Your taste review has been successfully posted.</p> | |
| <? else: ?> | |
| <h3 id="review_link" class="clearfix"><a href="#" onclick="$('#review_form').removeClass('hidden'); $('#review_link').addClass('hidden'); return false;">Write Your Taste Review</a></h3> | |
| <div id="review_form" class="hidden bottom_offset"> | |
| <ul class="form"> | |
| <li class="field"> | |
| <label><span class="label">Rating</span> |
EHLOVader
/ Vuln Disclosure.md
Last active
October 7, 2023 17:36
Lemonstand vulnerability report: Customer session injection/hijacking
EHLOVader
/ Vuln Disclosure.md
Last active
October 7, 2023 17:36
Lemonstand vulnerability report: NULL byte poisoning
Originally reported by Joseph Richardson @EHLOVader on 2011-11-07 disclosure policy (RFv2.0)
A NULL byte poisoning in URL for both CSS and JS combination script
PHP < 5.3.4
EHLOVader
/ pre_action.php
Last active
October 7, 2015 21:18
— forked from GreatPotato/gist:3225912
Set shipping method automatically in LemonStand
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Default shipping during checkout | |
| * This snippet when added to the pre_action will allow you to default shipping selection. | |
| * | |
| * This is mostly useful when there is only one shipping option, this allows you to skip | |
| * the shipping step of checkout entirely, simplifying things for your customers. | |
| * | |
| * This has been updated to use a dynamic method of pulling the first available shipping | |
| * option from your list of available shipping options. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(!Phpr::$security->getUser()) | |
| { | |
| Phpr::$response->redirect(root_url('/')); | |
| }else | |
| { | |
| $cache = Phpr::$config->get('CACHING',array()); | |
| if(isset($cache['PARAMS']) && isset($cache['PARAMS']['CACHE_DIR'])) |
EHLOVader
/ gist:3706390
Created
September 12, 2012 12:52
— forked from anonymous/gist:3706319
Blog File Module
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| class BlogFiles_Module extends Core_ModuleBase{ | |
| /** | |
| * Creates the module information object | |
| * @return Core_ModuleInfo | |
| */ | |
| protected function createModuleInfo(){ | |
| return new Core_ModuleInfo( | |
| "Blog Files", | |
| "Adds files to blog posts", |