[OpenSIPS-Users] OpenSIPS Control Panel 6.1
Bill Shirley
bill at philly.polymerindustries.biz
Mon Aug 10 03:46:58 CEST 2015
Is anyone running the 6.1 CP? It's full of bugs and security holes. Whoever thought it wise to code:
extract($_POST);
Also, the input stored in the database is not sanitized plus a whole lot more errors.
https://xkcd.com/327/
We had a 'professional' company write a web portal for us that didn't sanitize their input. I actually
did do a "'; DROP TABLE `customer`;" on the database. I even emailed them before hand pointing out
the problem.
I don't want to sound harsh or ungrateful. I run a lot of free software that enables me to earn a living.
I'm thankful for all the people that labored to produce the software.
I'm also guessing that CP 6.1 not meant to be run with the Fedora 22 version of OpenSIPS:
[0:root at jabba lib]$ rpm -q php httpd opensips
php-5.5.20-2.fc19.x86_64
httpd-2.4.9-1.fc19.x86_64
opensips-1.10.1-1.fc19.x86_64
I'm trying to set up a SIP proxy to route calls from my network to Cisco CUCM on another network.
Any pointers are appreciated.
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150809/d21fac0c/attachment.htm>
More information about the Users
mailing list