From aee8b0f6ed0c85e55cbd5f344f7cbab804e0738c Mon Sep 17 00:00:00 2001
From: Arturo Gonzalez <arturo.gonzalez@artica.es>
Date: Wed, 21 Jun 2017 11:42:59 +0200
Subject: [PATCH] Added security control in oum package number

---
 .../include/ajax/update_manager.ajax.php            | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/pandora_console/include/ajax/update_manager.ajax.php b/pandora_console/include/ajax/update_manager.ajax.php
index d947bbb78a..d165fc6bb1 100644
--- a/pandora_console/include/ajax/update_manager.ajax.php
+++ b/pandora_console/include/ajax/update_manager.ajax.php
@@ -112,8 +112,17 @@ if ($install_package) {
 	$package = trim($package);
 	
 	$chunks = explode("_", basename($package));
-	$chunks = explode(".", $chunks[1]);
-	$version = $chunks[0];
+	$chunks = explode(".", $chunks[1]);	
+	if(is_numeric($chunks[0])){
+		$version = $chunks[0];
+	}
+	else {
+		$current_package = db_get_value('value', 'tconfig',
+			'token', 'current_package_enterprise');
+		if (!empty($current_package)) {
+			$version = $current_package;
+		}
+	}
 	
 	// All files extracted
 	$files_total = $package . "/files.txt";