azett
|
f6394eac7a
|
fixes #188
|
2023-01-08 13:24:41 +01:00 |
|
azett
|
3cc223dec5
|
fixes #178, possible XSS via uploaded XML & MD files
|
2022-12-25 14:42:08 +01:00 |
|
azett
|
742f8b04f2
|
added SVG to forbidden file types in order to prevent possible XSS - see https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2022-24588/CVE-2022-24588.pdf
|
2022-12-17 14:39:15 +01:00 |
|
azett
|
dfa8e3013b
|
fixes #170, thx for reporting!
|
2022-12-17 12:38:10 +01:00 |
|
azett
|
92c0b2a517
|
Bufix: Checking uploaded files' extensions looked for the tmp file name, not the actual file name. Fixes #152 as well - thanks @s4n-h4xor!
|
2022-10-01 13:33:34 +02:00 |
|
azett
|
fd9aea911d
|
First part of #114: Error msg on uploading a forbidden file. Thx laborix!
|
2022-06-19 12:37:56 +02:00 |
|
azett
|
c1e368b222
|
Uploader checks for forbidden files more carefully. And: #56 fixed. Thanks again, Matthias!
|
2020-09-06 12:22:55 +02:00 |
|
azett
|
082c113d67
|
Security: PHP files can not be uploaded any more - see https://www.exploit-db.com/exploits/39870
|
2018-12-31 15:13:49 +01:00 |
|
real_nowhereman
|
a68630bf35
|
First revision of FlatPress Crescendo+1 ( 0.703+n :) )
|
2007-10-30 10:30:07 +00:00 |
|