G 1.5.1-RC3 - jhead exif data called with -v (exposes path)

jf67yuhj Joined: 2004-09-05 Posts: 2	Posted: Mon, 2005-09-05 03:12
	I've noticed that the photo properties in 1.5.1 RC3 now calls jhead with a -v option with the photo properties to display exif data. Not only does this display a huge amount of unnecessary information, it also displays the fully qualified OS path to the file which could possibly be used in a compromise. This behaviour is in function getExif($file) in util.php (line 1690). Removing the "-v" makes the photo properties function display what you really want Thanks, Jim Fisher www.jamesfisher.us
	XUser login Username: * Password: * Create new account Request new password

XUser login