Hacker News new | past | comments | ask | show | jobs | submit login 

  /somecategory/apage.php?id=34\xc3\x83\xc6\x92\xc3\x86\xe2\x80\x99\xc3\x83\xe2\x80\x9a\xc3\x82\xc2\x9d&listing=989
Thing is, removing that hex and just putting in

  /somecategory/apage.php?id=34&listing=989
does the same thing. I get the same output to the browser regardless of which is used.



it is probably not the culprit, but did you take a look at the code in apage.php that processes id just in case? it could be something.


I have looked at the code and the GET request is sanitized before being passed on.


i ask again, then, are you using something like filezilla, and/or do you log in as root without a sudo?


No I am not using Filezilla and root cannot be logged into without sudo.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: