rejetto forum
Software => HFS ~ HTTP File Server => Topic started by: rootarded on October 29, 2006, 01:47:57 AM
-
Hello.
I just downloaded this piece of software and found out that it's possible to upload to folder which you do not have permission to upload to by simply creating your own html form, add the files and change the action parameter in the form to the folder you want to upload to.
This should be fixed ASAP.
-
???
In order to reproduce what you've found, could you please describe exactly what you've done with your HTML and how you've protected the upload folder?
-
yes, fixed.
i'm now fixing other bugs, and will publish a new build in few hours.
-
please update to version 2.1a