Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixes #179, preventing path traversal

Browse Source
This commit is contained in:
azett 2022-12-25 15:00:06 +01:00
parent 3cc223dec5
commit 5d5c7f6d8f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fp-plugins/mediamanager/panels/panel.mediamanager.file.php
View File

@ -77,6 +77,8 @@ class admin_uploader_mediamanager extends AdminPanelAction {
/* delete file */ /* delete file */
if (isset($_GET ['deletefile'])) { if (isset($_GET ['deletefile'])) {
list ($type, $name) = explode("-", $_GET ['deletefile'], 2); list ($type, $name) = explode("-", $_GET ['deletefile'], 2);
// prevent path traversal: remove ".." and "/" resp. "\"
$name = preg_replace('(\.\.|\/|\\\\)', '', $name);
switch ($type) { switch ($type) {
case 'attachs': case 'attachs':
$type = ABS_PATH . ATTACHS_DIR; $type = ABS_PATH . ATTACHS_DIR;